Cisco  thinks  small 

Compliance  meets  security 

Honk  if  you’re  wireless 

Cisco’s  next  billion-dollar  hope?  Small-business 

At  this  week’s  Computer  Security  Institute 

Feds,  car  makers  pushing  carriers  to  support 

products  and  services. 

Conference,  vendors  are  expected  to  unveil 

wireless  scheme  for  highways. 
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products  that  make  assessing  risk  easier.  PAGE  8. 
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New  Lotus 
boss  sailing 
tricky  seas 

BY  JOHN  FONTANA 

IBM/Lotus  chief  Michael  Rho- 
din  this  week  will  quietly  finish 
his  first  100  days  at  the  helm, but  it 
is  the  coming  months  that  will  tell 
if  he  is  the  one  who  can  align 
Notes/Domino  with  IBM’s  Java- 
based  collaboration  strategy  and 
validate  customers’  continued  in¬ 
vestment  in  the  Lotus  platform. 

The  first  order  of  business  will 
be  to  reveal  that  new  versions  of 
Notes/Domino  will  extend  past 
Version  8, which  could  ship  by  the 
end  of  2006. 

Rhodin,  a  21-year  IBM  veteran, 
says  his  skills  as  an  innovator  are 
his  core  strength,  but  it  might  be 
his  ability  as  an  orator  that  sets  the 
tone  for  his  leadership  and  wins 
the  hearts  of  users  looking  to  find 
their  way  in  IBM’s  shifting  collab¬ 
oration  software  strategy 

Rhodin’s  public  unveiling  as 
leader  is  set  for  late  January, 
when  he  will  deliver  a  keynote 
address  to  thousands  of  Lotus 
faithful  at  the  annual  Lotusphere 
user  conference.  Among  other 
things,  he  is  armed  with  two  num¬ 
bers  that  he  hopes  will  send  the 
message  that  IBM  has  a  strong 
hold  on  Notes/Domino. 

See  Lotus,  page  80 


After  six  years  of  testing 
the  coolest  tech  products 
for  the  holidays,  we're 
going  to  take  a  nap  and 
just  dream  about  what’s 
coming.  You  can  head  to 
page  62  to  see  what  we 
came  up  with  for  this 
year's  installment. 
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Telling  tales  of  the  tape 

BY  DENI  CONNOR 

“Interested  in  selling  tape?  We  buy  used 
tape  and  offer  top  cash  for  all  types  of  tapes, 
cartridges,  reel  tape  or  whatever  type  of  magnetic  media  you  use.” 

Such  pitches  are  everywhere  on  the  Internet  and  ever  so  tempting. 
You’re  looking  to  upgrade  to  new  storage  tapes  or  disks  and  figure  you 
might  try  to  defray  costs  by  getting  a  few  bucks  back  for  your  old 

See  Tape,  page  16 


GA  users 
to  eyeball 
Unicenter 
upgrade 

BY  DENISE  DUBIE 

Computer  Associates  this  week 
is  set  to  share  management  and 
security  product  plans  with  cus¬ 
tomers  eager  to  hear  which  prod¬ 
ucts  the  vendor  will  develop  and 
which  it  may  leave  behind. 

The  company  is  expected  to  an¬ 
nounce  Unicenter  11,  the  first 
major  revision  of  the  network  and 
systems  management  software  in 
four  years,  at  its  CA  World  cus¬ 
tomer  conference  in  Las  Vegas. 
While  CA  would  not  disclose 
details,  upgrades  are  expected  to 
include  the  ability  to  manage  vir¬ 
tualized  servers,  automate  prob¬ 
lem  resolution  and  collect  config¬ 
uration  data  that  could  be  used  to 
populate  the  company’s  first  con¬ 
figuration  management  database 
(CMDB). 

And  for  security,  CA  is  expected 
to  announce  upgraded  eTrust 
identity  and  access  management 
tools,  which  are  expected  to  in¬ 
corporate  technology  acquired 
with  Netegrity  last  year. 

“It  is  clear  that  CA  has  not  been 
in  the  news  [for  its  products]  in 

See  Computer  Associates,  page  78 
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A  Service  Managing  7  Million  Transactions  a  Day. 

Running  on  Microsoft  SQL  Server  2005. 
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How  does  Xerox  Global  Services  manage  millions  of  office  devices  for  its  customers? 
Their  largest  application  runs  on  new  SQL  Server™  2005  64-bit  running  on  Windows 
Server™  2003,  which  provides  99.999%  uptime*  See  how  at  microsoft.com/bigdata 
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Our  testing  elves  have  been  \\ 

working  overtime,  getting 
ready  to  bring  you  the  wish 
list  of  our  favorite  technology 
products  for  the  gift-giving  season. 

Experience  the  joy  of  the  Cool  Yule  Tools  holiday 
gift  guide.  Page  62. 
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8  Cisco  service  unit  targets  small  business. 

8  Conference  to  put  spotlight  on  compliance/security  mix. 

10  Start-ups  look  to  horn  in  on  net  control. 
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14  XO  spins  off  wireless  asset. 
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Logitech's  Z-5450  Digital  5.1 
Speaker  System  hits  a  high 
note  with  116  watts  of 
power.  Page  38. 
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Management  Strategies 

71  Nationwide  fbnmdzes  capacity 

management:  An  IT  insider  recounts 
cross-company  effort  to  create  a 
process  model, 
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The  Hot  Seat 

In  our  Network  World  ITVideo,  we 
put  Tom  Burkardt,  CEO  and  presi¬ 
dent  of  BlueNote  Networks,  in  the 
Network  World  Hot  Seat,  to  watch 
him  explain  why  BlueNote  claims  to 
be  the  Skype  of  enterprise  VoIP. 
DocFinder:  9737 

Cool  Tools 

In  this  video,  Keith  Shaw,  senior  edi¬ 
tor  of  product  testing,  rates  the  lat¬ 
est  gizmos  so  you  don't  have  to. 
This  week  Shaw  looks  at  the  Sony 
Vaio  T350P  laptop,  equipped  to  sup¬ 
port  Cingular's  Edge  wireless  broad¬ 
band  network. 

DocFinder:  9738 


NetworkWorld.com  at  10 

Join  us  as  we  look  back  at  the 
events  of  the  past  10  years  in  net¬ 
working  and  tell  us  where  the  net¬ 
work  is  headed. 

DocFinder:  9641 

MSN:  Failing  semigracefully 

See  what  IT  Borderlands'  Ken 
Fasimpaur  found  when  he  was  run¬ 
ning  a  user's  copy  of  FireFox  and 
watched  it  load  MSN.com  as  the 
default  browser  home  page. 
DocFinder:  9739 

2005  Salary  Calculator 

Are  you  making  what  you're  worth? 
Register  free  and  find  out  how  your 
compensation  compares  to  that  of 
your  peers,  DocFinder:  8121 


Online  help  and  advice 

Cool  Tools  Daily  Dose 

Keith  Shaw  reports  on  what’s  so 
great  about  Iomega's  new  NAS 
boxes,  details  of  LG/Cingular's  new 
MP3  cell  phone  and  how  Sony 
promises  no  more  wobbly  digital 
images. 

DocFinder:  9540 
Gibbsblog 

Columnist  Mark  Gibbs  on  Sony's  con¬ 
troversial  DRM  software:  "Is  a 
class-action  suit  too  kind  for  Sony 
executives?  DocFinder:  9740 


Compendium 

Executive  Online  Editor  Adam  Gaffin 
points  you  to  copies  of  messages  on 
the  future  of  Microsoft  from  Bill 
Gates  and  Ray  Ozzie.  Is  this  compa¬ 
rable  to  the  ship-turning  when  Gates 
suddenly  got  the  Internet? 
DocFinder:  9741 

Small  Business  Tech 

Microsoft  vs.  the  world: 

Columnist  James  Gaskin  details 
affordable  open  source  alternatives 

to  Windows.  DocFinder:  9742 


Seminars  and  events 

Free  event  for  IT  executives 

What  do  industry  insiders  predict  for  the  coming  year?  Find  out  at  IT 
Roadmap  '06:  What's  New,  What's  Next,  and  What  to  Buy  Now.  John  Gallant 
and  Johna  Till  Johnson  provide  concrete  answers  to  the  questions  that  plague 
executives  responsible  for  IT  spending.  Qualify  to  attend  free  —  and  for  the 
opportunity  to  win  a  42-inch  plasma  TV  when  you  attend.  DocFinder:  9743 


BREAKING  NEWS 

Go  online  for  breaking  news  every  day.  DocFinder  1001 

Free  e-mai  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder  1002 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resources 
online.  Simply  enter  the  four-digit  DocFinder  number  in 
the  search  box  on  the  home  page,  and  you’ll  jump  directly 
to  the  requested  information. 
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Vendors  unite  to  keep  Linux  patents  open 

■  Five  of  the  biggest  names  in  technology  have  funded  a  new  venture 
called  the  Open  Invention  Network  that  will  acquire  patents  and  offer 
them  royalty  free  to  promote  the  Linux  open  source  operating  system. 
The  Open  Invention  Network  was  formed  with  undisclosed  invest¬ 
ments  from  IBM,  Novell,  Koninklijke  Philips  Electronics, Sony  and  Red 
Hat,  and  will  be  headed  by  Jerry  Rosenthal,  who  was  most  recently  vice 
president  of  IBM’s  Intellectual  Property  and  Licensing  business.  When 
the  Open  Invention  Network  acquires  patents  they  will  be  available  to 
any  company  institution  or  individual  that  agrees  not  to  assert  its  patents 
against  the  Linux  operating  system  or  certain  Linux-related  applications, 


TheGoodTheBadTheUgly 


Doing  it  for  the  kids.  Wireless  carriers 
are  joining  forces  to  develop  tools  to  help  keep  racy, 
violent  and  gambling-related  content  out  of  the 
hands  of  children  as  Internet  and  video  access 
becomes  more  common.  The  CTIA  trade  associa¬ 
tion  last  week  unveiled  its  Wireless  Content 
Guidelines.  With  the  rules  being  voluntary,  it 
remains  to  be  seen  how  widespread  adoption  proves 
to  be. 

<  Incredible  shrinking  IT  groups. 

The  demand  for  IT  specialists  is  decreasing  and  the  size  of  IT 
departments  is  shrinking  significantly,  according  to  new 
research  presented  by  Gartner  last  week  at  the  Gartner 
ITxpo  conference  in  Cannes,  France.  By  2010,  IT  organiza¬ 
tions  in  midsize  and  large  companies  will  be  30%  smaller  than 
they  were  this  year,  Gartner  predicts. 


the  group  said  in  a  statement.  Among  its  initial  patent  holdings  will  be  a  set 
of  business-to-business  e-commerce  patents  purchased  from  Commerce 


One  by  a  Novell  subsidiary 

Google  has  plans  for  mapping 

■  Googles  enterprise  unit  was  recently  entrusted 
with  the  business  versions  of  the  Google  Earth  map¬ 
ping  products,  and  executives  are  discussing  ways  to 
integrate  them  with  the  company’s  enterprise  search 
products.There’s  definitely  a  lot  of  potential  for  inte¬ 
gration  between  the  Google  Earth  products  and  the 
Search  Appliance  and  the  Google  Mini.  We ’re  starting 
to  look  at  what  might  make  sense,”  says  Dave 
Girouard,  general  manager  of  the  Google  enterprise 
unit.  Google  acquired  what  are  now  known  as  the 
Google  Earth  products  last  year  when  it  bought  Key- 
hole.The  most  basic  product,  known  as  Google  Earth, 
is  a  free  downloadable  mapping  application  with  a 
multiterabyte  database  of  satellite  images  and  a 
video  game-type  user  interface  that  lets  users  “fly” 
around  the  globe,  zipping  from  destination  to  desti¬ 
nation,  zooming  in  and  out  of  cities.  Google’s  enter¬ 
prise  unit  is  at  a  preliminary'  stage  of  discussions  over 
ways  to  integrate  Google  Earth  Pro  and  Google  Earth 
Enterprise  with  its  enterprise  search  wares. 

Yahoo  says  ‘no,  thanks'  to  AOL 

■  Yahoo  scuttled  talks  to  take  an  interest  in  AOL  after 
learning  the  proposed  terms  of  the  deal,  a  company 
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quote  o 


the  week 

the  week 

t  ie  week 
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“Today  the  opportunity  is  to  uti¬ 
lize  the  Internet  to  make  soft¬ 
ware  far  more  powerful  by 
incorporating  a  services  model. 
We  will  build  our  strategies 
around  Internet  services.” 

Microsoft  Chief  Software  Architect  Bill  Gates  in  a  recent  e-mail  to 
company  executives. 


spokeswoman  said  last  week.  The  rejection  narrows 
the  field  of  suitors  for  AOL.  Microsoft  and  Google  have 
reportedly  expressed  an  interest  in  the  Time  Warner 
unit,  but  no  definitive  deal  has  been  struck.  Yahoo’s 
rejection  of  a  deal  came  two  days  after  the  company’s 
CEO,  Terry  Semel,  and  Time  Warner  CEO  Richard 
Parsons  met  in  New  York.  Rumors  have  circulated  that 
Comcast  may  be  interested  in  a  piece  of  AOL  While 
AOL  has  had  a  declining  number  of  subscribers  over 
the  last  two  years,  it  still  had  20.1  million  fee-paying 


“Geez,  when  my  boss  talked  about 
‘simplifying  the  transport  layer’,  I 
had  no  idea  this  is  what  he  meant!” 


Rick  Stoffiere  of  Avon,  Ohio,  is  this  week's  winner. 
Check  back  every  Monday  for  the  start  of  a  new  con¬ 
test  www.networkwoHd.com/weblogs/layer8 


VoIP  tension.  The  FCC  has  backed  off  its  earlier  require¬ 
ment  that  Internet  telephony  providers  must  cut  off  existing  cus¬ 
tomers  if  they  do  not  have  Enhanced  911  emergency  dialing  service, 
but  this  battle  remains  far  from  resolved.  That's  because  the  FCC 
also  ruled  that  VoIP  providers  should  stop  marketing  to  new  cus¬ 
tomers  if  they  cannot  provide  E911  service,  a  stipulation  that  pro¬ 
voked  new  howls  of  outrage  from  the  VoIP  guys. 


subscribers  in  the  United  States  as  of  Sept.  30.  It  has 
dropped  fees  for  much  of  its  content  and  tried  to  take 
in  more  advertising  revenue. Google  has  an  agreement 
to  provide  search  technology  to  AOL,  while  AOL  in 
turn  runs  ads  from  Google’s  advertising  network. 

Oracle's  Maffei  lands  GEO  job 

■  Oracle’s  CFO  Greg  Maffei  will  soon  take  on  the  CEO 
job  at  investment  company  Liberty  Media.  The 
appointment  removes  some  of  the  mystery  around 
Maffei’s  hurried  departure  from  Oracle  after  four 
months.  Oracle  announced  Maffei’s  resignation  after 
Wall  Street  analysts  began  publicly  questioning  his 
absence  at  industry  events. Oracle  said  at  the  time  that 
Maffei  was  departing  for  a  “terrific  professional  oppor¬ 
tunity’ Maffei,  who  in  June  became  Oracle’s  third  co¬ 
president,  reportedly  left  after  personality  conflicts 
with  other  top  executives  and  the  realization  that  he 
would  not  soon  succeed  Larry  Ellison  as  Oracle’s 
CEO.  Maffei,  a  longtime  Microsoft  executive,  spent  five 
years  as  CEO  of  360networks  before  joining  Oracle. 

SuSE  Linux  founder  leaves  Novell 

■  Hubert  Mantel,  a  founder  of  the  SuSE  Linux  project, 
has  resigned  from  Novell,  which  acquired  SuSE  in 
January  2004.  Mantel  was  one  of  four  founders  of 
SuSE,  a  consulting  group  that  focused  on  creating  a 
packaged  version  of  Linux.  He  was  a  longtime  main- 
tainer  of  the  SuSE  project,  but  Novell  notes  that  dozens 
of  other  developers  work  on  SuSE.  Mantel  didn’t  imme¬ 
diately  respond  to  an  e-mail  seeking  comment.  Earlier 
this  month,  Novell  announced  restructuring  moves, 
including  a  600-worker  layoff  and  a  plan  to  focus  its 
efforts  on  high-growth  markets  such  as  Linux. 


Expand  both 


With  a  60-80%  increase  in  storage  needs  every  year,  data  centers  are  bursting  at  the  seams.  The  Sun  StorageTek  StreamLine'  SL500 
modular  library  system  atlows  you  to  consolidate  a  tremendous  amount  of  data  into  a  smaller  area,  so  you  can  manage  unpredictable 
growth  with  ease.  It  actually  adds  capacity  without  the  added  bulk.  In  fact,  it’s  20%  smaller  than  the  competition,  so  you  save  energy, 
money  and  space.  Now  every  department  from  HR  to  finance  can  scale  comfortably  to  the  growing  demands  of  your  business. 
The  flexibility  is  the  opportunity.  The  network  is  the  computer:  Share.  Visit  sun.com/storagetek/SL500- 


Sun  StorageTek 
StreamLine"  SL500 


StorageTek 


TTXicrosystem$ 
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Cisco  service  targets  small  business 

Teaming  with  MCI  to  deliver  hosted  voice  and  data. 


BY  PHIL  HOCHMUTH 

Looking  to  small  businesses  as 
its  next  billion-dollar-a-year  oppor¬ 
tunity  Cisco  this  week  plans  to 
launch  hosted  voice/data  services 
based  on  Linksys  gear  and  deliv¬ 
ered  via  carriers. 

With  its  Hosted  Small  Business 
Services  (SBS),  Cisco  is  teaming 
first  with  MCI  to  offer  hosted  ser¬ 
vices  based  on  small-office  net¬ 
work  gear —  mixed  Cisco/Linksys 
technology  branded  as  Linksys 
One. The  offerings,  including  host¬ 
ed  VolPmessaging,  access  and  fire¬ 
wall  services,  will  be  designed  for 
companies  with  fewer  than  100 
end  users  and  cost  about  $1,000 
per  month.  The  services  will  be 
sold  and  supported  by  local 
resellers. 

Cisco  says  its  Hosted  SBS  ap¬ 
proach  will  give  small  compa¬ 
nies  enterprise-class  network 
and  IT  capabilities.  But  resellers 
and  carriers  —  which  often  com¬ 
pete  for  these  same  small-busi¬ 
ness  customers  —  will  have  to 
buy  into  the  program  and  coop¬ 
erate  for  it  to  work,  analysts  and 
observers  say. 

One  of  “the  last  places  on  earth 
where  the  LAN  fundamentally 
needs  a  complete  upgrade  is  in 
small  businesses,” says  Steve  Kam- 
man,  senior  networking  and  data 
infrastructure  analyst  with  CIBC 
World  markets.  Hubs  and  sneaker- 
nets  are  still  common  network 
technologies  in  small  companies, 
especially  outside  the  U.S.,  he 
adds. 

The  company  with  fewer  than 
100  employees  has  always  been  a 
tough  nut  to  crack  for  enterprise 
equipment  providers,  because 
these  companies  often  use  con¬ 
sumer-oriented  network  gear.Also, 
the  cost  of  having  to  contact  so 
many  disparate  companies  can 
squeeze  profits. 

But  IT  spending  by  such  compa¬ 
nies  is  hard  for  vendors  to  ignore. 
Businesses  with  fewer  than  100 
employees  will  spend  more  than 
$12  billion  on  network  and  tele¬ 
com  equipment  this  year,  accord¬ 
ing  t<  research  firm  AMI  Partners. 
Worldwide,  small  businesses  are 
ex| Kx  ted  to  account  for  24%  of  all 
IT  hardware  and  software  spend¬ 
ing  next  year,  Gartner  says. 

Cisco  plans  to  announce 
Hosted  SBS  as  an  "Advanced 


Technology”  —  joining  the  ranks 
of  its  IP  telephony, security,  optical, 
storage  network,  wireless  and  con¬ 
sumer  business  lines.  Each  is  gen¬ 
erating  $1  billion  in  annual  rev¬ 
enue,  or  that  is  Ciscos  expecta¬ 
tion.  Cisco’s  Advanced  Techno¬ 
logies  contribute  about  21%  of  its 
product  sales,  while  switches  and 
routers  make  up  most  of  the  rest. 
But  revenue  from  the  newer  prod¬ 
ucts  is  growing  at  25%,  compared 
with  3%  growth  in  switches  and 
13%  in  routers. 

Ciscos  past  efforts  to  get  a  big 
piece  of  the  small-business  mar¬ 
ket  did  not  work.  “Dumbing 
down”  its  enterprise  products 
came  up  short,  because  cus¬ 
tomers  were  finding  better  value 
from  commodity  products,  says 
Marthin  De  Beer,  vice  president 
and  general  manager  of  Linksys’ 
small-business  group.  “We  weren’t 
giving  [small  businesses]  what 
they  wanted.” 

Carriers  have  also  failed  at  pen¬ 
etrating  small  business  with  host¬ 
ed  VoIP  and  security  services, 
because  the  offerings  have  been 

See  Cisco,  page  9 


Bundled  small-business  services 

Cisco  is  combining  its  Linksys  and  other  technologies  with  services  from  carriers  and  VARs  to 
deliver  converged  applications  and  connectivity  to  companies  with  five  to  100  workers. 


Small  business 


H 


► 


VAR/reseller 


Customer  account  portal 

•  Voice:  50  users 

•  Security:  I  PS/firewall 

•  Messaging:  50  mailboxes 


Q  Offices  lease  equipment  and  services  from  VARs/resellers  for  a  monthly  fee  —  around  81,000  —  which  could  include  bundled 
VoIP,  broadband,  managed  firewall  and  hosted  e-mail/voice  mail  services. _ 

□  Carriers,  such  as  MCI,  host  the  applications  via  a  Cisco  service  node,  which  includes  hardware  and  software  for  provisioning  services 
and  edge  router  infrastructure  for  delivering  broadband. 

B  Local  VARs  or  resellers  are  the  point  of  contact  for  support  and  service.  VARs  access  customer  accounts  via  portals  hosted  on 
the  carrier  service  node. 


Conference  to  put  spotlight  on  compliance 


BY  CARA  GARRETSON 

As  compliance  responsibilities  fall  more  in 
the  laps  of  security  professionals,  vendors  are 
responding  with  products  and  services  de¬ 
signed  to  make  understanding  and  reporting 
on  risk  and  compliance  more  accessible. 

At  the  Computer  Security  Institute  (CSI) 
Conference  in  Washington,  D.C.,  this  week,  a 
number  of  vendors,  including  NetlQ,  Consul 
and  ConfigureSoft.will  unveil  new  or  updated 
offerings  aimed  at  making  it  easier  for  compa¬ 
nies  to  assess  risk  and  gauge  their  compliance 
with  federal  and  industry  regulations.The  con¬ 
ference,  in  its  32nd  year,  is  expecting  3,000 
attendees.  It  also  features  for  the  first  time  a 
compliance  track  with  nine  presentations  cov¬ 
ering  topics  such  as  compliance  manage¬ 
ment,  consumer  breach  notification  statutes 
and  privacy 

But  why  is  compliance  of  such  interest  to 
security  professionals?  “It’s  not,  but  we’re  see¬ 
ing  more  and  more  security  managers  made 
responsible  for  compliance,”  says  Khalid  Kark, 
a  senior  analyst  with  Forrester  Research  “That’s 
why  it’s  a  big  deal  for  those  people  to  know 
what’s  going  on  in  the  industry  what  the  regu¬ 
lations  are  and  how  to  complyf 


This  trend  toward  making  security  profes¬ 
sionals  responsible  for  compliance  began  a 
few  years  ago  but  has  picked  up  significantly 
over  the  past  year,  because  of  “a  lack  of  com¬ 
panies  being  able  to  find  someone  else,”  Kark 
adds.  “Since  security  [professionals]  already 
have  related  responsibilities,  to  be  fair  it  prob¬ 
ably  makes  sense;  you  don’t  want  to  have  sev¬ 
eral  different  efforts  in  trying  to  do  the  same 
kinds  of  things.” 

At  the  conference,  NetlQ  plans  to  announce 
its  Risk  and  Compliance  Center.  This  software 
centralizes  and  analyzes  data  from  NetIQ’s 
security  products  regarding  configurations, 
policy  compliance  and  vulnerability  to  create 
a  management  console  for  quickly  gauging 
compliance  of  a  company’s  IT  controls,  says 
Chris  Pick,  the  company’s  vice  president  of  cor¬ 
porate  strategy. The  console  works  as  an  “exec¬ 
utive  dashboard”  to  extract  technical  data  re¬ 
garding  compliance  and  risk  management 
and  display  it  clearly,  he  says. 

NetlQ  Risk  and  Compliance  Center  is  priced 
starting  at  $40,000  and  slated  for  availability 
before  year-end. 

Also  at  the  CSI  Conference,  Consul  Risk 
Management  plans  to  announce  Version  6.0  of 


its  Insight  suite  of  security  auditing  and  com¬ 
pliance  tools.  New  features  include  an  option 
to  automatically  generate  security  policies, 
new  end-user  filtering  abilities  and  improve¬ 
ments  to  the  suite’s  management  module, 
company  officials  say 

Consul  is  addressing  the  intersection  of  com¬ 
pliance  and  security  by  tracking  and  reporting 
on  malicious  and  unintended  security  policy 
violations, so  that  a  compliance  record  can  be 
established.  The  company  calls  its  approach 
the  W7  methodology  determining  who,  what, 
when,  where,  where  from,  where  to,  and  on 
what  to  monitor  and  analyze  activity.  The 
upgrade  is  priced  at  $40,000. 

Another  company  Configuresoft,  is  focusing 
on  the  compliance  of  IT  systems  for  compa¬ 
nies  that  handle  credit  card  data. The  compa¬ 
ny’s  Enterprise  Configuration  Manager/PCI 
DSS  Continuous  Compliance  toolkit  aims  to 
help  vendors  and  merchants  covered  by  the 
Payment  Card  Industry  Data  Security  Standard 
(PCI  DSS)  that  governs  the  security  of  credit 
card  data. 

The  toolkit, slated  for  release  this  week,  is  free 
to  customers  under  Configuresoft’s  customer 
support  program.^ 
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complex  to  install  at  customer  sites,  while 
pricing  has  not  been  competitive  with  tra¬ 
ditional  hosted  Centrex  or  managed  tele¬ 
phone  key  system  offerings  from  telecom 
resellers,  says  Nigel  Williams,  vice  presi¬ 
dent  of  Linksys’  channel  and  service  pro¬ 
vider  business. 

These  issues  are  solved  by  the  lower-cost 
Linksys  gear,  which  can  be  set  up  in  less 
than  one  hour  and  configured  remotely 
Williams  says. 

Cisco/Linksys  inside 

The  central  piece  of  customer  premises 
equipment  under  Hosted  SBS  is  the  SVR 
Services  Router.  The  box  includes  a  non- 
10S  WAN  router  operating  system,  T-l  and 
broadband  connectivity  ports,  and  a  16- 
port  10/100M  bit/sec  power-over-Ethernet 
switch. 

A  Session  Initiation  Protocol  (SIP)  proxy 
server,  firewall  and  local  DNS  and  DHCP 
servers  also  run  on  the  platform.  The  SVR 
Services  Router  runs  a  modified  Linux 
operating  system  and  can  serve  as  a  local 
platform  for  e-mail  and  other  applications. 


ForVoipthe  Linksys  One  PHM  1200  is  an 
IP  phone  that  ties  back  to  a  centralized 
SIP-based  call  server  in  the  carrier  cloud. 
For  internal  calls,  the  phone  uses  SIP- 
based  point-to-point  signaling,  instead  of 
tying  back  to  the  carrier  network  and 
using  WAN  bandwidth.  Individual  voice 
mail  boxes  are  stored  locally,  so  they  are 
still  available  if  the  WAN  link  goes  down. 

Another  VoIP  survivability  option  is  the 
VGA2000,  a  gateway  that  connects  analog 
devices  and  fax  machines  and  provides 
local  calling  in  case  the  IP  phones  cannot 
reach  carrier  SIP  servers. 

Cisco  says  these  devices  are  the  first  co¬ 
developed  products  among  its  Linksys 
and  Cisco  development  teams. 

“Were  getting  the  full  ball  of  wax  in  one 
box,  instead  of  having  to  buy  and  install,”  a 
router,  firewall,  phone  system  and  LAN 
switches  separately,  says  Bob  Crenshaw, 
president  of  Exceleron  Software,  a  Dallas 
company  with  35  employees.  Crenshaw 
says  Exceleron  had  the  Linksys  One  router 
and  phones  delivered  by  a  local  reseller, 
then  set  up  and  configured  remotely  “We 
didn’t  have  to  have  a  technician  here  all 
day;  we  plugged  them  in,  and  it  all 
worked.” 


He  says  the  service/equipment  bundle 
will  allow  him  to  relieve  one  of  his 
employees  from  the  double  duty  of  writing 
software  and  supporting  the  company’s 
small  network  and  telephone  key  system. 

“1  can  put  that  person  on  another  job, 
something  that  will  help  make  us  money?’ 
he  adds. 

Channel  challenges 

The  Linksys  One  model  relies  first  on  car¬ 
riers  such  as  MCI  to  tap  local  resellers  to 
sell  the  equipment/services  packages  to 
small  companies. 

“We  are  going  to  have  to  go  out  and  find 
the  right  [value-added  resellers]  ”  to  make 
the  business  work,  says  Phil  Meeks,  senior 
vice  president  of  strategic  alliances  at  MCI. 
In  the  future,  Meeks  says  additional  ser¬ 
vices,  such  as  hosted  ERP  and  CRM  appli¬ 
cations  or  office  productivity  software, 
could  be  provisioned  to  small  companies. 

But  the  interdependent  model  of  Cisco’s 
Hosted  SBS  strategy  could  take  time  to 
develop,  with  obstacles  among  the  various 
carrier,  vendor  and  channel  partners. 

“The  issue  is  what  channel  they’re  going 
to  market  on,  and  if  those  channels  com¬ 
pete  with  each  other,”  says  Frank  Dzubeck, 


president  of  Communication  Network 
Architects. 

“The  big  bitch  against  Cisco  by  the  VAR 
channels  is  the  fact  that  they  have,  in  the 
past,  given  better  pricing  to  the  RBOCs,who 
then  undercut  the VARs,”he  says.“The  RBOC 
is  the  first  and  primary  channel  to  small 
business  in  lots  of  cases.” 

The  biggest  hurdle  will  be  getting  local 
resellers  of  Cisco  and  Linksys  gear  to  come 
into  the  fold  with  carriers  such  as  MCI, soon 
to  be  part  of  RBOC  Verizon. 

Hosted  application  services  “is  an  area 
where  some  telcos  continue  to  maintain 
dreams  of  getting  into  someday  their  utter 
failure  to  execute  notwithstanding,”  CIBC’s 
Kamman  says.“It  will  be  interesting  to  see  if 
they  are  willing  to  do  this  on  a  co-branded 
basis.”  ■ 
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Start-ups  look  to  horn  in  on  net  control 

LAN  security  appliances  enforce  policies  at  access  switches. 


BY  TIM  GREENE 

Businesses  that  seek  more  con¬ 
trol  over  who  and  what  machines 
access  their  LANs  but  don’t  want 
to  wait  for  network  equipment 
vendors  to  get  their  plans  in 
place  have  another  option:  appli¬ 
ances  that  impose  such  controls 
without  requiring  switch  up¬ 
grades. 

This  week  a  start-up  called 


Nevis  is  scheduled  to  announce 
its  alternative,  two  network  de¬ 
vices  that  enforce  policies  by 
allowing  access  to  authorized 
resources,  denying  it  to  unautho¬ 
rized  resources  or  shuttling  a 
non-compliant  machine  to  a 
quarantined  network. 

This  is  similar  to  the  approach 
taken  by  competitors  ConSentry 
Networks  and  Vernier  Networks. 


Sun  has  a  lot  riding 
on  UltraSPARC  T1  chip 

BY  JENNIFER  MEARS 

Sun  says  servers  built  on  its  long-awaited  Niagara  processor,  a  multi¬ 
core,  multithreaded  chip  designed  to  better  handle  the  simultaneous 
requests  that  come  with  Web-based  applications,  such  as  security  pro¬ 
cessing,  should  ship  by  year-end. 

The  servers,  which  will  consume  about  half  the  power  of  Xeon-  or 
Opteron-based  systems,  may  be  what  Sun  needs  to  jump-start  its  scal¬ 
able-processor  architecture  business,  analysts  say  On  Monday  the  com¬ 
pany  is  expected  to  introduce  the 
UltraSPARC  Tl,  a  chip  Sun  execu¬ 
tives  say  can  handle  multiple  tasks 
and  increase  throughput  without 
the  power  demands  and  heat  out¬ 
put  of  today’s  processors.  The 
UltraSPARC  Tl  has  eight  cores  on 
a  single  piece  of  silicon.  Each  core 
can  simultaneously  handle  four 
individual  threads  —  software 
instructions  that  must  be 
processed  —  letting  the  chip  carry 
out  more  tasks  and  make  more 
efficient  use  of  memory  at  a  lower 
clock  speed. 

The  processor,  which  will  run  as 
fast  as  1.2  GHz,  will  consume 
about  70  watts  of  power,  a  tad 
more  than  an  average  household 
light  bulb  and  less  than  the  100 
watts  or  more  that  most  proces¬ 
sors  consume  today, Sun  executives  say. 

Sun  isn't  releasing  pricing,  but  analysts  say  the  servers  are  expected  to 
be  priced  similarly  to  well-configured  Xeon-  or  Opteron-based  systems 
—  about  $5,000.The  move  comes  at  a  good  time  for  the  server  maker, 
which  has  been  struggling  to  regain  its  footing  since  the  dot-com  bust 
forced  cost-conscious  buyers  to  move  away  from  pricey  SPARC-based 
servers  to  lower-cost  standards-based  systems. 

I  continue  to  view  this  as  probably  the  most  important  development 
n  terms  of  what  Sun  has  done  with  SPARC  since  the  introduction  of  the 

i"  nal  SPARC  back  in  1987,” says  Nathan  Brookwood, principal  analyst 
at  l.isight  64. “The  fact  that  this  chip  is  coming  along  at  a  time  when 
ma  1 1"  managers  are  pulling  out  their  hair  trying  to  figure  out  how 
tho\  ie  >  .ing  to  increase  their  workload  capacity  without  increasing 
their  power  or  floor-space  requirements  in  their  data  centers  is  very 
good  news  [for Sun]." 

See  Niagara,  page  78 


Sun's  new  UltraSPARC  Tl  has  eight 
cores  that  can  handle  four  soft¬ 
ware  threads  apiece,  enabling  32 
threads  to  be  handled  simultane¬ 
ously  on  a  single  piece  of  silicon. 


Standing  guard 


Nevis  Networks'  LANenforcer  appliance  applies  access 
policies  to  desktops  on  LANs  and  looks  for  security  violations 
to  shut  down. 
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a  When  a  user  logs  on,  LANenforcer  checks  with  LDAP  or  other  directories  for 
security  policies  for  that  user, _ . 

B  LANenforcer  allows  connections  only  in  accordance  with  policies  that  define  which 
network  resources  a  user  is  authorized  to  reach. 

0  If  a  user  attempts  to  reach  other  resources  or  systems,  or  if  a  worm  on  a  PC 
attempts  to  do  so,  LANenforcer  can  shut  down  that  machine's  network  access 
without  affecting  other  devices. 


All  three  vendors’  appliances  sit 
between  LAN  access  switches 
and  LAN  distribution  switches  to 
exert  control  over  individual 
access  switches,  so  if  a  desktop 
starts  misbehaving,  it  can  be  iso¬ 
lated  without  affecting  an  entire 
LAN  segment.  Nevis’  LANenforcer 
gear  can  serve  as  the  access 
switch  and  provide  per-port  con¬ 
trol  of  security  policies. 

Equipment  from  Nevis  and 
Vernier  also  checks  that  comput¬ 
ers  meet  network  security  pro¬ 
files,  such  as  having  appropriate 
patches  and  virus  protection  in 
place. 

Cisco’s  Network  Admission  Con¬ 
trol  (NAC),  Microsoft’s  Network 
Access  Protection  (NAP)  and 
Juniper’s  Enterprise  Infranet  initia¬ 
tives  have  similar  goals  but 
require  software  agents  on  every 
desktop  and  upgraded  switches 
that  can  act  as  enforcement 
points  for  security  policies. 

Joel  Snyder,  a  senior  partner  at 
Opus  One,  a  consulting  firm  in 
Tucson,  Ariz.,  and  a  member  of 
the  Network  World  Test  Alliance, 
describes  the  new  appliances  as 
“high-density,  high-performance, 
identity-based  firewalls.”  The 
smaller  vendors  may  have  an 
advantage,  he  says. 

“1  see  this  as  a  technology  that 
will  do  many  of  the  things  that 
NAC  wants  to  do, and  in  fact  might 
be  better  than  NAC/NAP  ...  at 
pushing  the  brains  into  the  net¬ 
work  rather  than  expecting  them 
to  be  at  the  edge,  where  the  PC  is,” 
Snyder  says. 

The  main  downside  of  NAP  and 
NAC  is  that  they  require  upgrades 
and  overhauls  across  a  range  of 
equipment,  says  Lloyd  Hession, 
CSO  for  financial  networking  ser¬ 
vice  provider  BT  Radianz,  which 
uses  ConSentry  gear.“We’re  a  huge 
Cisco  shop,  and  the  challenge 
Cisco  NAC  has  is  it  typically 
requires  a  lot  of  upgrades.  Unless 
you’re  building  from  scratch  or 
have  a  huge  amount  of  money  for 
your  project,  it’s  going  to  take  a 
very  long  time,”  he  says. 

The  other  issue  is  that  Cisco 
and  Microsoft  alternatives  are 
not  ready.  “When  everything 
shakes  out  with  the  Cisco  and 
Microsoft  solutions,  it  will  be  24 
months  down  the  pike,”  accord¬ 
ing  to  the  infrastructure  archi¬ 


tect  for  one  of  the  top  five  com¬ 
mercial  insurance  companies  in 
the  United  State,  who  is  testing 
Nevis  gear.  In  the  case  of 
Microsoft,  waiting  for  the  client 
software  and  testing  it  before 
deploying  could  take  another  12 
months,  he  says. 

But  many  businesses  are  look¬ 
ing  for  better,  simpler  LAN  access 
control.  For  example,  consultancy 
Financial  Engines  of  Palo  Alto, 
places  a  firewall  between  its  cor¬ 
porate  network  and  its  produc¬ 
tion  network  —  the  network 
where  customer  financial  infor¬ 
mation  resides  and  where  finan¬ 
cial  advice  is  generated. 

Today,  to  grant  access  to  a  pro¬ 
duction  network  requires  an  Ac¬ 
tive  Directory  profile  change,  as 
well  as  a  separate  firewall  rule 
change,  says  Matthew  Todd,  chief 
information  security  officer  for 
Financial  Engines.  With  Nevis,  that 
could  be  accomplished  by  apply¬ 
ing  a  single  Active  Directory  rule 
change  that  shifts  the  user  to  a  dif¬ 
ferent  firewall  policy  group.  The 
Nevis  gear  would  then  enforce 
the  new  policies. 

“We’d  be  able  to  allow  some 
administrators  that  are  able  to 
administer  groups  but  not  fire¬ 
walls  to  allow  an  employee 


access  to  customer  data  without 
having  to  open  up  a  ticket  with 
the  firewall  group  and  have  to 
wait  for  that,”  he  says. 

Accomplishing  all  the  scan¬ 
ning  required  by  these  devices 
requires  enormous  processing 
power,  says  Phil  Schacter,  analyst 
with  Burton  Group.  To  that 
end, ConSentry  and  Nevis  have 
developed  high-performance 
chips  so  their  devices  don’t  slow 
down  LAN  traffic. 

Processing  power  also  is  a  limi¬ 
tation  of  switch-vendor  setups, 
and  to  remedy  that,  ConSentry 
has  long-range  plans  to  put  its 
appliance  on  a  blade  that  could 
be  inserted  in  a  switch,  the  com¬ 
pany  says. 

Nevis  is  shipping  two  types  of 
LANenforcer  appliances.  Nevis 
1000  is  an  access  switch  that 
checks  and  enforces  access  poli¬ 
cies,  and  it  includes  a  port-based 
stateful  inspection  firewall. 
Desktops  plug  directly  into  it.  The 
Nevis  2000  is  a  similar  device  that 
connects  to  groups  of  switches 
rather  than  to  individual  PCs,  sim¬ 
ilar  to  what  ConSentry’s  appli¬ 
ances  do. 

There  are  three  N  1000  models 
priced  from  $13,000  to  $20,000. 
The  N  2024  costs  $35,000.  ■ 
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U.S.  pitches  wireless  highway  safety  plan 


BY  JIM  DUFFY 

The  U.S.  Department  of  Trans¬ 
portation  and  automakers  are 
attempting  to  garner  participation 
from  the  telecom  industry  in  an 
ambitious  project  to  enable 
nationwide  wireless  communica¬ 
tion  between  cars  and  roadside 
facilities  with  the  goal  of  heading 
off  accidents  and  alleviating  traf¬ 
fic  congestion. 

The  Department  of  Transporta¬ 
tion  and  officials  from  Daimler- 
Chrysler  and  Nissan  recently 
pitched  the  Vehicle  Infrastructure 
Integration  (VII)  project  to  carri¬ 
ers  and  service  providers  attend¬ 
ing  the  Telecom  ’05  conference  in 
Las  Vegas.  VII  is  a  $3  billion  to  $10 
billion  federally  funded  effort  to 
build  a  220,000-hot-spot  network 
—  supporting  IEEE  802.11a  and 
802.1  lp  —  along  interstate  and 
state  highway  systems. 

“We’re  not  in  the  telecommuni¬ 


cations  business,  so  we  need 
help,”  says  Bill  Jones,  technical 
director  of  the  Intelligent  Trans¬ 
portation  Systems  (ITS)  in  the 
Department  of  Transportation. 
“This  is  our  first  foray  to  really  try 
and  open  up  the  dialogue  be¬ 
tween  our  two  industries.” 

“We  need  [the  telecom  indus¬ 
try]  to  be  a  part  of  this," adds  Chris 
Wilson,  vice  president  of  ITS  strat¬ 
egy  and  programs  at  Daimler- 
Chrysler. 

VII  is  a  984-foot  dedicated  short- 
range  communications  (DSRC) 
network  using  75  MHz  of  spec¬ 
trum  in  the  5.85-  to  5.925-GHz 
band.  Auto  manufacturers  would 
install  DSRC  and  GPS  antennas, 
receivers  and  transceivers  in  all 
new  vehicles,  while  the  Depart¬ 
ment  of  Transportation  would 
install  the  communications  links 
on  the  roadside. 

Cars  could  then  communicate 


with  each  other  over  short  dis¬ 
tances  to  warn  of  impending  con¬ 
gestion,  or  an  accident  to  avoid, or 
for  state  and  federal  highway 
administration  personnel  to  share 
road  advisory  information  with 
vehicles.The  system  is  intended  to 
reduce  the  expenses  associated 
with  accidents  that  involve  in¬ 
juries  or  fatalities,  which  costs  the 
country  $260  billion  per  year;  and 
with  congestion,  which  costs  $100 
billion  per  year, VII  officials  say 

The  DSRC  system  is  not  de¬ 
signed  for  casual  conversation, 
these  officials  stressed. 

“We’re  not  designing  this  to  sup¬ 
port  non-transportation  needs,” 
Wilson  says.“It’s  not  subject  to  the 
whims  of  consumers.” 

Drivers  will  still  use  cell 
phones,  WiMAX  and  Wi-Fi  in 
addition  to  DSRC,  Wilson  says. 
“We  will  never  see  a  car  that  only 
has  DSRC,”  he  says. 


Crash  course 

There  were  42,643  vehicular 
fatalities  in  2003,  3  million 
injuries  and  6.3  million  acci¬ 
dents,  which  cost  the  U.S. 
economy 

$260  billion. 

SOURCE:  D4IMLERCHRYSIER 

That’s  one  of  the  hooks  that  VII 
proponents  hope  will  attract  the 
participation  of  carriers  and  ser¬ 
vice  providers.  The  automotive 
industry  could  provide  access  to 
tens  of  millions  of  people  who 
buy  new  cars  every  year  and  to 
the  230  million  cars  already  on 
the  road.  Once  one  VII  radio 
antenna  is  installed  in  their  cars, 
and  it  works,  they  may  be  inclined 
to  purchase  others. 

“The  first  radio  reduces  thresh¬ 
old  for  getting  a  second  radio  in,” 
Wilson  says. 

There  are  also  opportunities  for 
carriers  to  provide  backhaul  ser¬ 
vices  for  the  DSRC  system,  as  well 
as  in  assisting  the  Department  of 
Transportation  with  service  in 
sparsely  populated  rural  areas  or 
densely  populated  metropolitan 
areas,  and  in  providing  long-term 
maintenance  and  operations  for 
the  nationwide  network. 

“This  is  another  infrastructure,” 
the  Department  of  Transporta¬ 
tion’s  Jones  says.  “That  is  not  the 
bag  of  the  public  sector?’ 

The  Department  of  Transporta¬ 
tion  also  could  provide  carriers 
with  access  to  rights-of-way  or  col¬ 
location  facilities  along  every  U.S. 
roadway,  and  to  75  MHz  of 
licensed  spectrum,  Jones  says. 

The  U.S.  Telecom  Association, 
which  represents  carriers,  says  it 
is  “helping  the  Transportation  De¬ 
partment’s  outreach  effort  to  alert 
and  educate  service  providers 
about  the  new  opportunities 
available.” 

The  Telecommunications  Indus¬ 
try  Association,  which  represents 
equipment  suppliers.says  it  is  gen¬ 
erally  supportive  —  philosophi¬ 
cally  and  financially  —  of  intelli¬ 
gent  transportation  initiatives 
such  as  VII. 

The  operational  concept  of  Vll 
would  have  vehicles  communi¬ 
cating  with  intersections  and 
with  each  other  via  sensors, 
probes  and  aggregators  to  pre¬ 


vent  crashes.  A  vehicle  would  be 
transmitting  anonymous  on¬ 
board  sensor  data  to  a  roadside 
unit  (RSU)  every  time  it  passes 
one.  The  anonymous  data 
received  at  an  RSU  would  be  sent 
to  an  aggregation  point  from 
which  it  would  then  be  forward¬ 
ed  to  authorized  subscribers. 
Each  aggregation  point  could 
receive  data  from  several  thou¬ 
sand  RSUs.  All  data  would  be 
organized  and  ordered  by  the 
geographic  coordinates  from  the 
vehicles  and  would  be  available 
to  authorized  subscribers. 

Other  uses  for  the  DSRC  system 
include  delivery  of  auto  mainte¬ 
nance  information  between  driver 
and  manufacturer.  Drivers  could 
receive  maintenance  update  and 
reminder  information  from  manu¬ 
facturers,  or  the  car  itself  could 
notify  manufacturers  when  a  part 
was  wearing  out.  This  could 
reduce  the  costs  manufacturers 
incur  for  programming  diagnostics 
into  cars  and  for  managing  cus¬ 
tomer  relationships,  Wilson  says. 

The  DSRC  system  would  not  be 
without  limitations.  Because  it 
would  be  a  short-range  system, 
connectivity  would  be  intermit- 
tent.Vll  officials  say 

“This  is  not  an  anytime,  any¬ 
where  system,”  says  Ronald  Heft, 
senior  principal  engineer  for 
Nissan  North  America. 

That’s  where  overlap  with  exist¬ 
ing  GPS  systems,  such  as  GM’s 
OnStar,  might  end.  OnStar  is  a 
satellite-  and  cellular-based  sys¬ 
tem  that  links  drivers  to  an  OnStar 
service  center,  where  advisers 
offer  drivers  real-time,  personal¬ 
ized  travel  assistance  and  crash 
notification  information. 

OnStar  is  not  designed  for  short- 
range  vehicle-to-vehicle  commu¬ 
nications  nor  real-time  safety 
applications,  Wilson  says,  such  as 
cooperative  collision  avoidance. 

“I  need  to  know  what’s  going  on 
200  meters  around  me,”  Wilson 
says.  “OnStar  is  not  suited  for  that 
goal." 

GM,  the  creator  of  OnStar,  is  also 
involved  with  the  Vll  project. 

Vendors  are  designing  equip¬ 
ment  for  VII,  and  core  safety 
applications  are  being  tested. 
Those  involved  in  the  VII  initia¬ 
tive  expect  an  end-to-end  refer¬ 
ence  system  to  be  completed 
next  summer,  and  for  field  tests  to 
be  conducted  in  2007.  ■ 


Start-up  tackles  S0A  mgmt 


BY  ANN  BEDNARZ 

Start-up  TrueBaseline  this  week 
is  expected  to  debut  its  first  prod¬ 
uct,  which  is  aimed  at  helping 
companies  keep  IT  resources  and 
business  processes  in  shape  to 
comply  with  myriad  regulatory, 
competitive  and  operational 
requirements. 

SOAComply  lets  users  plan,  mon¬ 
itor  and  control  distributed  envi¬ 
ronments  that  follow  the  princi¬ 
ples  of  a  service-oriented  architec¬ 
ture  (SOA).  Users  can  model  dif¬ 
ferent  “operating  states”  that  estab¬ 
lish  configuration,  status  and 
behavior  rules  to  which  applica¬ 
tion,  system  and  network  resources  must  adhere.  For 
example, a  company  could  define  an  operating  state 
for  achieving  compliance  with  the  Sarbanes-Oxley 
Act,  or  an  operating  state  required  to  handle  peak 
sales  periods.  SOAComply  would  then  alert  users  if 
anything  is  amiss,  from  the  state  of  the  applications 
to  the  bandwidth  required  to  complete  a  task,  says 
Stan  Kramer,  CEO  of  TrueBaseline. 

The  software  originated  in  the  nuclear  power 
industry.  Westinghouse  Electric  Co.  developed  it 
internally  to  comply  with  rules  set  out  by  the 
Nuclear  Regulator)'  Commission  that  require  rigid 
adherence  to  system  configuration  parameters. 
I iiter  Westinghouse  began  selling  its  StatePbintPlus 
software  to  other  companies,  and  early  this  year 
sold  the  technology  and  assets  to  TrueBaseline’s 
founders. 

The  tec  hnology  differs  from  traditional  IT  change 


Profile:  TrueBaseline  Corp. 


Location: 

Pittsburgh,  Penn. 

Product: 

SOAComply,  which  models  and  monitors  the  condition  of  applications 
and  resources  in  a  service-oriented  architecture. 

Origin  of  name: 

Refers  to  baseline  system  conditions  that  the  vendor  monitors  and 
companies  use  to  evaluate  operations. 

Key  executives: 

GEO  Stan  Kramer,  a  former  Cisco  executive;  founder  and  president 
Thomas  Camden,  a  former  manager  of  business  development  in 
Westinghouse  Electric's  core  technologies  division;  and  CTO  Aruna 
Endabetla,  a  former  Westinghouse  project  manager. 

Funding: 

Private 

Fun  fact: 

TrueBaseline  CEO  Kramer  operates  several  Qdoba  Mexican  Grill 
restaurant  franchises  in  Oregon. 

and  configuration  management  products  in  its  SOA 
orientation, says  Thomas  Nolle,  president  and  CEO  of 
consultancy  C1MI.  “SOA  multiplies  the  number  of 
systems  that  you  have  to  look  at,  and  the  number  of 
application  pieces,so  much  that  the  process  isn’t 
scalable,”  Nolle  says.  Key  to  TrueBaseline’s  technolo¬ 
gy  is  that  it  models  not  only  resources  but  also  rela¬ 
tionships  between  resources,  he  says. 

TrueBaseline  plans  to  partner  extensively,  and  one 
of  its  first  is  NetScout  Systems,  which  makes  network 
and  application  performance  management  soft¬ 
ware.  SOAComply  can  correlate  network  status  and 
activity  data  collected  by  NetScout  with  its  other 
resources  to  determine  if  all  of  the  resources  associ¬ 
ated  with  an  application  or  business  process  are  in 
place,  Kramer  says. 

General  availability  is  slated  for  the  second  quarter. 
Pricing  starts  at  $25,000  for  the  base  technology.  ■ 


-«*a . 


_DAY  4:  My  data  has  a  life  of  its  own.  I  can’t 
control  it.  I  can’t  manage  it.  I  can’t... get  out. 


5 i 


.  r-;  ■  . 


_DAY  5:  I  called  for  help.  I  tapped  out  a  distress 
signal  with  an  alien  wrench.  Do  the  guys  upstairs 
know  Morse  code? 
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XO  spins  off  asset 
to  go  wireless 


CLEC  will  go 
after  fixed 
broadband 
alternative 
access  market. 

BY  JIM  DUFFY 

XO  Communications  last  week 
said  it  is  spinning  off  its  wireline 
assets  to  focus  on  fixed  broad¬ 
band  wireless  service  to  busi¬ 
nesses  and  service  providers. 

The  competitive  local  exchange 
carrier  is  selling  its  national  wire- 
line  telecom  business  for  $700 
million  to  finance  its  transi¬ 
tion.  The  buyer  is  Elk  Associates, 
an  entity  owned  by  XO’s  control¬ 
ling  stockholder,  Carl  Icahn. 

Icahn  took  control  of  XO  after 
the  carrier  emerged  from  Chapter 
1 1  bankruptcy  restructuring  in 
early  2003.  Chapter  1 1  allowed  XO 
to  reduce  its  debt  from  more  than 
$5  billion  to  $500  million. 

The  agreement  culminates  sev¬ 
eral  months  of  evaluating  bids, 
though  it  gives  XO  an  option  to 
consider  other  bids  if  a  better  pro¬ 
posal  arises. 

Qwest  is  reportedly  considering 
XO’s  wireline  assets  (www.net 
workworld.com,  DocFinder: 
9744).  The  company  would  only 
say  it  “continues  to  evaluate 
opportunities  that  make  business 
sense.” 

XO  will  retain  its  local  multi¬ 
point  distribution  service  (LMDS) 
fixed  broadband  wireless  spec¬ 
trum  assets  in  the  28-to-31-GHz 
spectrum  range,  which  covers 
more  than  70  U.S.  metropolitan 
markets.  LMDS  is  a  fixed  wireless, 
point-to-multipoint  line-of-sight 
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XO's  controlling  stockholder,  Carl 
Icahn,  bought  the  carrier's  wireline 
assets  for  $700  million. 


technology  best  suited  for  alterna¬ 
tive  access  in  densely  populated 
areas  where  installation  of  wires 
or  cables  would  be  expensive.  It 
can  reach  speeds  of  up  to  45M 
bit/sec,  but  distances  are  usually 
limited  to  about  2.5  miles. 

“They  do  have  a  lot  of  spectrum, 
and  if  you  put  them  up  next  to 
Sprint  they’re  going  to  become 
the  two  significant  potential  play¬ 
ers  in  that  space,”  says  Courtney 
Munroe,an  analyst  at  IDC.’There’s 
been  some  questions  with  the 
technology.  [XO]  said  they  have 
10  miles  line  of  sight  —  if  that’s 
true,  that’s  pretty  good.” 

XO  anticipates  operating  its 
fixed  wireless  business  under  a 
new  name,  because  the  XO  Com¬ 
munications  brand  name  will  re¬ 
main  with  the  national  wireline 
telecom  business.The  transaction 
is  anticipated  to  close  late  this 
year  or  early  next  year. 

Munroe  says  he  does  not  see 
any  adverse  effect  from  the  split 
on  XO’s  existing  wireline  or  wire¬ 
less  customers. 

Once  the  sale  is  completed,  the 
wireless  business  will  be  debt-free 
and  is  expected  to  have  in  excess 
of  $300  million  in  cash  to  fund  its 
operations  and  for  other  corpo¬ 
rate  purposes. 

XO’s  wireless  services  are  avail¬ 
able  to  businesses  and  wireless 
service  providers  in  select  mar¬ 
kets.  The  carrier  plans  to  launch 
its  services  on  a  wider  basis  soon. 

The  wireless  and  wireline  com¬ 
panies  are  expected  to  sell  each 
other’s  products  and  services.  ■ 


At  long  last  Microsoft  ships 
database,  development  tools 


BY  JOHN  FONTANA 

Microsoft  last  week  released  two  of  the  corner¬ 
stones  for  what  it  says  will  be  its  business  applica¬ 
tion  platform  for  the  future. 

In  what  was  billed  as  its  “most  important  release  of 
the  year,”  Microsoft  after  a  two-year  delay  shipped 
Visual  Studio  2005  and  SQL  Server  2005.The  compa¬ 
ny  also  released  a  preview  of  BizTalk  Server  2006,  its 
business  process-management  software  and  the  third 
leg  of  the  application  platform,  with  a  beta  due  by 
year-end  and  final  shipment  in  the  first  half  of  2006. 
The  launch  was  announced  months  in  advance. 

Microsoft  says  it  hopes  the  close  integration  of  the 
three  products,  and  other  software  in  its  platform 
lineup,  will  raise  its  reputation  in  the  corporate  data 
center  and  become  the  platform  for  critical  corpo¬ 
rate  programs  such  as  trading  floor  applications. 

“1  have  Web  developers  that  know  the  Visual 
Studio  [integrated  development  environment] , so  if 
you  create  it  so  the  BizTalk  development  environ¬ 
ment  is  also  in  the  same  [integrated  development 
environment] ,  even  though  there  is  some  new  fea¬ 
tures  and  functionality,  it  is  a  small  stretch  for  my 
development  team  to  do  it,” says  Nick  Wingeron,  vice 
president  for  Citigroup’s  Corporate  Investment  Bank 
Technology  in  New  York. 

Wingeron  is  building  an  identity  and  routing  hub 
for  digital  certificates  using  BizTalk  and  SQL  that  will 
be  deployed  early  next  year. 


Microsoft  hopes  to  extend  the  integration  ofVisual 
Studio  across  its  platform  products  such  as  Share- 
Point,  Windows  clients,  Office  and  packaged  busi¬ 
ness  applications,  and  wrap  it  all  with  XML, Web  ser¬ 
vices  and  .Net. 

“What  you  are  going  to  see  out  of  Microsoft  going 
forward  is  a  much  higher  level  of  integration  be¬ 
tween  their  tool  packages  and  their  back-end  appli¬ 
cations,”  says  Rob  Enderle,  president  of  the  Enderle 
Group. The  integration  is  evidenced  in  Visual  Studio 
2005,  which  is  the  first  set  of  tools  that  lets  develop¬ 
ers  build  applications  that  tie  into  Microsoft’s  emerg¬ 
ing  management  platform  called  the  Distributed 
Systems  Initiative. 

Microsoft  says  the  integration  of  Visual  Studio 
2005  and  SQL  Server  2005  would  show  users  they 
can  build  applications  with  better  scale  and 
performance. 

Visual  Studio  includes  support  for  .Net  Framework 
2.0  and  the  Visual  Studio  Team  System,  which  sup¬ 
ports  collaboration  among  development  teams. SQL 
Server  features  integrated  data  management  and 
analysis  tools.  Last  week,  Microsoft  also  released  16 
integration  adapters  for  BizTalk  2006  that  provide 
interoperability  with  business  applications  from 
Oracle  and  Siebel. 

Microsoft  also  announced  free  versions  of  Ex¬ 
press  Editions  of  SQL  Server  2005  and  Visual 
Server  2005.  ■ 


Ozzie  memo  highlights  Microsoft’s  moves 


A  memo  written  by  Microsoft  CTO  Ray  Ozzie 
sheds  more  light  on  directions  in  which  the 
company  has  been  moving  to  make  sure  it 
doesn’t  miss  the  opportunity  of  the  next  genera¬ 
tion  of  Web-based  services,  which  industry  ana¬ 
lysts  have  dubbed  Web  2.0. 

Microsoft  in  recent  months  has  shown  that 
future  versions  of  Windows  and  Office  will  sup¬ 
port  collaboration  and  personalized  desktop 
services,  based  on  a  new  business  model  lever¬ 
aging  ad  sales  and  recurring  services  revenue 
that  has  turned  rival  Google  into  the  darling  of 
Wall  Street. 

Rather  than  reflect  a  sea  change  for  Microsoft, 
Ozzie’s  memo,  viewed  by  the  IDG  News  Service 
last  week,  reinforces  strategic  moves  the  compa¬ 
ny  has  been  slowly  unfolding  for  several  months. 

The  memo,  part  of  an  Oct.  30  e-mail  sent  by 
Microsoft  Chairman  and  Chief  Software  Archi¬ 
tect  Bill  Gates  to  Microsoft  executives  and  engi¬ 
neers,  proves  that  the  company,  which  has  shown 
a  reluctance  to  let  go  of  its  software  legacy,  is 
ready  to  adapt  to  current  industry  changes. 

Microsoft’s  challenge  is  to  turn  its  successful 
software  products  into  a  seamless  services  plat¬ 
form  —  something  Ozzie  calls  for  in  his  memo. 
For  example,  one  of  the  key  plans  for  the  Micro¬ 


soft  Business  Division,  according  to  the  memo,  is 
to  extend  Office  so  it  can  easily  connect  to  other 
applications. 

Microsoft  says  it  would  make  standard  XML 
the  default  file  format  for  the  next  version  of  the 
productivity  suite,  code-named  Office  12,  a 
move  that  could  make  it  easier  for  other  applica¬ 
tions  to  communicate  with  Office  for  the  cre¬ 
ation  of  services. 

“What  should  we  do  to  bring  Office’s  classic 
[Component  Object  Model]-based  publish-and- 
subscribe  capabilities  to  a  world  where  RSS  and 
XML  have  become  the  de  facto  publish-and-sub- 
scribe  mechanisms?”  Ozzie  asks  in  a  section  of 
the  memo  that  describes  the  notion  of  a  con¬ 
nected  office. 

Microsoft  also  has  revealed  plans  to  include 
RSS  as  a  thread  running  through  multiple  appli¬ 
cations  in  the  next  version  of  its  operating  sys¬ 
tem,  Windows  Vista,  scheduled  to  be  available  at 
the  end  of  next  year. 

Ozzie  also  wrote  that  the  company  must 
focus  on  helping  customers  create,  find  and 
organize  documents  and  data  among  all  the 
desktops,  devices,  servers  and  services  to 
which  they  have  access. 

—  Elizabeth  Montalbano,  IDG  News  Service 


_DAY  32:  Can’t  find  anything.  Can’t  even  find  my  desk. 
I’m  drowning  in  a  sea  of  data  Cgurgle). 

_DAY  33:  Finally.  I’ve  taken  back  control.  I  have 
simplified  my  storage  management  with  virtualization 
technology  from  IBM,  consolidating  the  view  of  my 
data.  Manageable.  Simple.  Genius. 

_Take  heed,  I.T.  people  of  planet  Earth.  Call  IBM. 
Before  THEY  take  over... 
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Tape 

continued  from  page  1 

tapes.  But  those  who  have  bought 
or  sold  used  tapes  warn  that 
doing  so  can  put  your  confiden¬ 
tial  data  at  risk. 

Dan  Nutter,  vice  president  of 
distributed  storage  at  KeyBank  in 
Cleveland,  found  this  out  first¬ 
hand. 

Nutter  says  KeyBank  was  left 
with  8,500  old  tapes  containing 
customer  financial  information 
following  a  $500,000  media 
upgrade. The  organization  con¬ 
sidered  rewriting  over  the  tapes, 
but  Nutter  says  that  would  have 
taken  as  long  as  an  hour  per 
tape.  So  he  turned  to  a  reseller  to 
take  the  tapes  off  his  hands. 

The  reseller  brought  in  a  bulky 
gadget  called  a  degausser  — 
essentially  a  super-sized,  super¬ 
charged  magnet  in  a  stainless 
steel  box,  to  de-magnify  the  tapes 
and  then  resell  them. 

“We  plugged  the  degaussed 
tapes  back  into  our  library  and 
were  still  able  to  read  the  label 
on  the  cartridge,  so  we 
degaussed  them  again  and  put 
them  back  in  the  library  and 
we  were  still  able  to  read 
them,”  Nutter  says. 

The  reseller  returned  with  a 
more  powerful  degausser,  which 


TpsftrsanitiitgtaiK 

Experts  warn  that  improper 
disposal  or  scrubbing  of 
tapes  can  result  in  sensitive 
data  winding  up  in  the  wrong 
hands.  Their  tips: 

•  Tapes  with  servo  patterns  -  3590,  LTO, 
9840  and  9940  -  cannot  be  degaussed. 

•  3480,  3490e,  DLT,  SDLT  drives  can 
be  degaussed. 

•  Know  the  coercivity  factor  of  your  tape 
so  you  know  whether  a  strong  enough 
degausser  is  being  used. 

•  Find  out  if  your  state  allows  incineration. 

•  Always  get  a  certificate  from  the  disposal 
service  that  your  tape  has  been  erased, 
shredded  or  destroyed  properly. 

also  failed  to  erase  the  tapes. 

“We  told  them  to  have  a  nice 
day  and  we  would  find  a  way  to 
get  them  burned,”  Nutter  says. 

Imation,as  a  maker  of  tapes, 
isn’t  shy  spreading  the  word 
about  what,  it  sees  as  a  sketchy 
resale  market. The  company  says 
it  bought  linear-tape-open  tapes 
from  a  reseller  to  find  out  if  sto¬ 
ries  it  had  heard  about  shady 
tape  resellers  were  true:  that 
these  companies  were  reselling 
tapes  that  hadn’t  been  scrubbed 
clean,  even  though  they  were  cer¬ 


tified  to  be  so. 

“When  we  put  them  in  a  tape 
drive,  we  found  customer  data  on 
three  of  four  cartridges,”  says  Tim 
Bjork,  marketing  manager  for  en¬ 
terprise  tape  at  Imation.“We  took 
some  of  the  data,  found  readable 
words,  plugged  them  into  a 
Google  search  and  were  able  to 
link  back  to  the  company  that 
sold  the  tapes  in  the  first  place. 

“Organizations  need  to  under¬ 
stand  that  if  they  sell  their  tapes  • 
they  are  putting  their  corporate 
assets  at  risk,”  he  says. 

Jeff  Brown  is  sales  manager  for 
We  Buy  Used  Tape,  which  buys 
and  resells  tapes.  He  says  it  is 
unfair  to  characterize  all  tape 
resellers  as  corner  cutters,  though 
agrees  that  customers  need  to  be 
careful. 

“It’s  a  market  where  people  try 
to  buy  tape  and  get  it  erased  in 
the  cheapest  manner,”  he  says. 

One  reason  why  some  resellers 
don’t  erase  the  tapes  or  do  so 
only  partially  is  that  degaussers 
can  leave  some  tapes  unusable, 
Imation  s  Bjork  says.  Certain  tapes 
feature  servo  patterns  —  bytes  of 
data  written  to  the  tape  by  manu¬ 
facturers  to  align  the  tape  to  the 
tape  drive  —  that  degaussers 
can’t  erase  without  ruining  the 
tapes,  he  says. 

Dave  Federspiel,  sales  manager 


for  degausser  firm  Data  Security 
says  some  companies  buy 
degaussers  designed  to  erase 
video  tapes,  not  computer  tapes. 

“They  tell  everyone  that  they 
can  use  these  same  degaussers 
for  erasing  computer  tapes,”  he 
says.“[But]  they  just  don’t  erase 
tapes  completely’ 

The  issue  of  unsafe  tape  han¬ 
dling  has  grabbed  plenty  of  head¬ 
lines  this  year,  mainly  because  of 
incidents  in  which  companies 
lost  or  improperly  disposed  of 
tapes  that  contained  sensitive 
customer  data.  In  May  for  exam¬ 
ple, Time  Warner  said  its  offsite 
storage  partner,  Iron  Mountain, 
lost  40  back-up  tapes  containing 
the  names  and  Social  Security 
numbers  of  600,000  former  and 
current  employees.  . 

“After  seeing  all  the  ways  data 
can  get  loose  when  you  dis¬ 
pose  of  tape,  I  only  shred  tape 
and  get  a  certificate  of  destruc¬ 
tion,”  says  Hal  Weiss,  IS  systems 
engineer  for  Baptist  Memorial 
Healthcare  in  Memphis, Tenn. 
“That’s  the  only  way  to  guaran¬ 
tee  your  customer  data  doesn’t 
get  out  and  compromise  your 
business.” 

When  it  comes  to  scrubbing 
tapes,  many  companies  have 
adopted  Department  of 
Defense  regulations.  Regulation 
5220. 22-M  stipulates  that  tape 
should  be  sanitized  using  a 
degausser  or  destroyed  by 
incineration. 

Data  Security’s  Federspiel 
says  customers  need  to  pay 
attention  to  their  media’s  coer¬ 
civity  factor,  which  measures 
how  tightly  the  bits  of  data  are 
bound  to  the  magnetic  media. 
He  suggests  following  National 
Security  Agency  guidelines  for 
media  destruction,  which 
include  recommendations  for 
which  level  of  degausser  to  use 
for  certain  media. 

He  warns  that  incineration  is 
more  involved.“The  challenge  of 
incineration  is  that  the  byproduct 
of  burning  a  tape  is  the  thick 
black  smoke  and  the  release  of  a 
cyanide  gas,”  he  says.'The  En¬ 
vironmental  Protection  Agency 
frowns  on  that.” 

All  of  which  has  encouraged 
some  to  consider  extreme  meth- 
ods.Take,  for  example,  this  sugges¬ 
tion  from  the  book  Unix  &  inter¬ 
net  Security  by  Gene  Spafford 
and  Simson  Garfinkel.  Run  your 
tape  “through  a  band  saw  several 
times  to  reduce  it  to  thousands  of 
tiny  pieces  of  plastic.”  ■ 


CipherTrust  appliance 
protects  corporate  resources 


BY  CARA  GARRETSON 

Messaging  security  vendor  CipherTrust  this  week  is 
expected  to  announce  an  initiative  to  extend  its  out¬ 
bound  communication  protection  beyond  e-mail. 

Early  next  year  the  company  plans  to  release  Iron- 
Net,  a  gateway  appliance  designed  to  enforce  com¬ 
pliance  and  prevent  information  leaks  by  filtering 
outbound  HTTP  and  FI’P  traffic.  Augmenting  the  e- 
mail  and  instant-messaging  security  appliances  the 
company  already  sells,  IronNet  aims  to  protect  the 
remaining  channels  from  which  employees  can 
send  protected  or  proprietary  information  outside 
corporate  walls. 

Managed  security  service  provider  Gladiator  Tech¬ 
nolog)’  in  Alpharetta,  Ga.,  serves  about  300  commu¬ 
nity  banks  and  credit  unions  that  grapple  with  com¬ 
pliance  issues  stemming  from  regulations  such  as 
the  Gramm-Leach-Bliley  Act  and  the  Sarbanes-Oxley 
V  t  Gladiator  uses  CipherTrust’s  IronMail  appliance 
•  is  part  of  its  service  to  secure  clients’  email  com- 

! area1 ions, and  is  considering  adding  IronNet  to  its 
,  i  ‘.“They  have  to  do  certain  things  to  meet 
'•hose  regulations  and  get  through  the  auditing  pro 
<o  sv  i'.hJ  that’s  a  financial  strain,"  says  Ralph  Sikes, 


CIO  of  Gladiator.'As  these  technologies  improve  with 
the  ability  to  secure  more  layers  [of  communica¬ 
tion],  it  puts  that  in  reach  of  the  [small  to  midsize 
business]  market  and  allows  them  to  have  solutions 
they  wouldn’t  have  been  able  to  have  a  year  ago.” 

CipherTrust  competes  with  SurfControl,  Tumble¬ 
weed  and  MessageLabs. 

Unlike  CipherTrust’s  e-mail  and  IM  appliances  that 
scan  messages  coming  into  and  going  out  of  an  or¬ 
ganization,  IronNet  in  its  first  release  will  only  protect 
outbound  traffic.The  company  is  looking  into  devel¬ 
oping  capabilities  that  would  protect  inbound  traffic 
as  well, says  CipherTrust  CTO  Paul  Judge. 

IronNet  uses  multiple  detection  techniques  to  scan 
outgoing  traffic  for  information  that  is  protected 
under  federal  regulations,  as  well  as  for  proprietary 
or  inappropriate  information,  Judge  says.  Outbound 
communication  containing  flagged  information  can 
be  blocked,  quarantined,  alerted  and  encrypted. 

Users  of  IronNet  and  other  CipherTrust  appliances 
can  establish  unified  policies  that  are  enforced 
across  the  products,  using  CipherTrust  Central  to 
manage  these  policies  and  generate  reports. 

Pricing  for  IronNet  will  start  at  $6,000.  ■ 
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Control  starts  with  IBM  System  Storage .™ 


Control  your  data  by  creating  pools  of  storage  that  help  simplify 
management  and  impro  ve  your  access  to  your  data. 

Control  your  data  with  virtualization  technology  designed  to  increase 
utilization  of  your  storage  devices,  helping  to  make  the  diverse  systems 
you  work  with  work  better. 

Control  your  data  with  dynamic  allocation  designed  to  sense  where 
storage  capacity  is  available  and  allot  it  automatically. 


Control  your  data  by  reducing  interruptions  to  applications  and  getting 
the  data  you  need,  regardless  of  where  it  actually  resides. 


Control  your  data  with  IBM  Systems  -  a  range  of  innovative  servers  and 
storage  designed  to  simplify  your  storage,  your  infrastructure,  your  life. 


IBM.COM/TAKEBACKCONTROL 


/ 


Storage  products  may  require  purchase  of  more  than  one  product  or  feature  to  enable  virtualization  capabilities  and  dynamic  allocations.  These  products  or  features  may  incur  an  additional  charge.  IBM,  the  IBM  logo, 
System  Storage  and  Take  Back  Control  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Other  company,  product,  and  service 
names  may  be  trademarks  or  service  marks  of  others.  ©2005  IBM  Corporation.  All  rights  reserved. 
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Office  systems  undergoing  big  changes 


More  than  copiers 

Makers  of  office  document  equipment  are  looking  to  bundle 
hardware  with  software  and  services.  Here  are  categories  of 
office  document  solutions  as  outlined  by  market  watcher 
I  nfoTrends/Cap  Ventures: 

•  Device  management  (remote  diagnostics,  device  relationship) 

•  Document  output  management  (routing,  print  tracking  and  security) 

•  Document  capture/routing  (scanning,  forms/variable  data,  conversion) 

•  Document  management  and  workflow  (repositories,  project  management  and 
collaboration  tools) 


BY  NETWORK  WORLD  STAFF 

BOSTON  —  You  might  think 
you’ve  heard  about  every  possi¬ 
ble  security  vulnerability  in  your 
network,  but  what  about  your 
copiers? 

“Network-connected  output  de¬ 
vices  are  becoming  an  absolute 
primary  target  of  people,  foreign 
and  domestic,  who  are  penetrat¬ 
ing  networks,”  said  Jim  Joyce, 
senior  vice  president  for  office 
services  at  Xerox  Global  Services. 
“Many  of  them  are  large  devices 
with  large  disk  drives,  with  a  fair 
amount  of  memory  and  are  net¬ 
work-connected  and  are  not  se¬ 
cure.  This  laptop  [I'm  using  for 
this  presentation]  is  probably  10 
times  more  secure  than  any  of 
the  output  devices  we  have  in  our 
environments  today’ 

Joyce,  speaking  at  the  two-day 
Office  Document  Solutions  con¬ 
ference  in  Boston  last  week,  was 
among  a  number  of  presenters 
who  implored  makers  of  printers, 
copiers,  scanners  and  other  such 
devices  to  start  thinking  about 
more  than  just  selling  boxes  to 


customers. 

Joyce  said  during  an  interview 
after  his  speech  that  Xerox  has 
poured  about  $20  million  in 
recent  years  into  technologies  to 
better  manage  office  and  docu¬ 
ment  systems  and  is  putting  a 
particular  emphasis  on  security 
these  days.  He  noted  that  some 
machines,  such  as  multifunction 
devices,  might  have  several 
operating  systems  in  them  that 
could  provide  security  holes  if 
not  protected. 


Look  for  Xerox  in  the  months 
ahead  to  deliver  more  in  the  way 
of  technologies  that  would  enable 
document  systems  to  be  able  to 
identify  content  so  that  compa¬ 
nies  can  better  prevent  theft  of 
intellectual  property  and  other 
confidential  data.  Xerox’s  Palo 
Alto  Research  Center  has  been 
working  on  such  technologies, 
Joyce  said. 

Meanwhile,  other  office  docu¬ 
ment-product  vendors  said  they 
seek  to  go  beyond  selling  boxes. 


While  “solutions”  might  qualify 
as  the  single-most  overused  word 
in  the  IT  industry  over  the  years, 
presenters  embraced  it  as  a  fresh 
concept  capable  of  bringing  new 
life  to  their  industry. 

Charles  Pesko,  a  director  at 
InfoTrends/CAP  Ventures,  greeted 
attendees  at  the  consulting  and 
research  firm’s  event  by  stating 
that  the  U.S.  copier  market  is 
maturing  and  that  solutions  are 
the  answer  to  revenue  growth. 
Not  only  do  solutions  —  in  the 
form  of  software,  support  and 
maintenance  —  offer  revenue 
opportunities,  but  vendors  that 
succeed  here  also  will  see  a  rise 
in  hardware  sales.  For  every  dollar 
in  solutions  sold,  a  company  will 
sell  $4  or  $5  of  hardware  with  it, 
he  said. 

“A  lot  of  people  just  don’t  get 
that  yet,”  he  said. 

Among  the  biggest  opportuni¬ 
ties  are  document  capture  and 
creation,  document  management 
and  document  output  manage¬ 
ment,  said  Joel  Mazza,  another 
InfoTrends/CAP  Ventures  director. 

A  panel  of  vendor  representa¬ 
tives  from  Konica  Minolta,  Ricoh, 
Toshiba  America  Business  Solu¬ 
tions  and  Sharp  Electronics 
agreed  that  solutions  are  the  way 
to  go.  However,  they  said  it  is  diffi¬ 
cult  to  change  overnight  given 
that  the  hardware  business  is 
worth  tens  of  billions  of  dollars  a 
year,  whereas  the  solutions  mar¬ 
ket  is  a  sliver  of  that.  Most  of  them 
said  they  are  not  making  money 
on  solutions  so  far,  but  consider 
their  efforts  in  software,  support 
and  more  as  an  investment  that 
will  pay  off  in  the  long  run. 

Bill  Brewster,  vice  president  of 
marketing  for  Konica  Minolta 
Business  Solutions, said  every  RFP 
his  company  gets  includes  a 
demand  for  at  least  one  of  four 
solutions  offerings, such  as  securi¬ 
ty,  device  management,  document 
management  or  workflow.  The 
fact  that  delivering  solutions  can 
help  sell  boxes  isn’t  a  bad  thing, 
he  said,  but  emphasized  that  ven¬ 
dors  need  to  commit  to  develop¬ 
ing  strong  software  and  support 
offerings  to  make  the  solutions 
attractive. 

The  vendors  also  acknowledged 
they  need  to  address  how  to 
encourage  value-added  resellers 
and  other  channel  partners  to  sell 
the  software  given  that  current 


compensations  systems  are  large¬ 
ly  hardware  oriented. 

Wayne  Lyle,  IS  director  for  law 
firm  Preti  Flaherty,  shared  with 
attendees  his  organization’s  expe¬ 
riences  making  strategic  use  of 
office  document  systems.  Over 
the  past  few  years  the  firm,  which 
has  80  attorneys  in  five  offices  in 
New  England,  has  rolled  out  soft¬ 
ware  from  eCopy  and  Interwoven 
to  streamline  handling  of  docu¬ 
ments,  as  well  as  voice  mail, e-mail 
and  even  dictation. 

The  system  has  enabled  attor¬ 
neys  and  their  assistants  to  scan 
documents  into  a  network  system 
that  allows  for  easy  access  and 
secure  storage  of  documents  that 
previously  would  have  been 
stuffed  in  filing  cabinets  or  stored 
elsewhere.  “We  feared  electronic 
images  were  just  going  to  explode 
and  nothing  would  be  there  to 
control  what  we  were  doing,”  said 
Lyle,  who  works  in  Pbrtland, 
Maine. 

Having  a  document-manage¬ 
ment  system  in  place  has  been 
important  given  the  Sarbanes- 
Oxley  Act  and  the  Health 
Insurance  Portability  and 
Accountability  Act.  Even  though 
those  rules  wouldn’t  typically 
apply  to  a  law  firm,  Preti  Flaherty 
is  a  full-service  outfit  that  works 
with  healthcare  and  other  busi¬ 
nesses  that  do  have  to  stick  to 
those  rules.“We  get  hit  with  those 
regulations  from  all  sides  because 
our  clients  do,”  Lyle  said. 

Lyle  said  in  an  interview  follow¬ 
ing  his  presentation  that  the  firm’s 
system  handles  roughly  1.5  mil¬ 
lion  documents  (largely  in  Word) 
and  requires  a  couple  hundred 
gigabytes  of  storage.  But  he  fore¬ 
sees  a  time  not  far  off  when  the 
law  firm  will  need  to  split  its  mas¬ 
ter  database  to  handle  burgeon¬ 
ing  volume. 

On  the  broader  issue  of  office 
document-system  vendors  need¬ 
ing  to  go  beyond  offering  just 
boxes,  Lyle  said  he  is  all  for  it  and 
noted  that  the  integration  among 
his  scanning,  document  manage¬ 
ment  and  office  equipment 
played  a  key  role  in  his  purchase 
decisions.  Partnerships  between 
vendors  are  important  given  the 
variety  of  office  equipment  at 
most  companies  and  the  specific 
needs  of  organizations  in  different 
vertical  markets.  “1  just  hope  it’s 
more  than  talk,”  he  said.B 


NetlQ  adds  monitoring, 
auditing  to  directory  tools 


BY  JOHN  FONTANA 

NetlQ  last  week  released  software  that  tracks 
changes  in  Active  Directory  The  tool  is  intended  to 
provide  corporate  users  with  another  weapon  for 
handling  compliance  regulations. 

With  Change  Guardian  for  Active  Directory,  users 
can  audit  and  monitor  directory  changes  in  real 
time.  Unauthorized  or  misconfigured  changes  can 
lead  to  users  getting  inappropriate  access  or  to  the 
opening  up  of  security  vulnerabilities.  The  tool 
plugs  into  NetlQ’s  Security  Manager  software  or  is 
available  as  a  management  pack  for  Microsoft 
Operations  Manager. 

“I  am  getting  the  ability  to  use  a  microscope  and 
look  at  exactly  what  I  want  to  look  at,”  says  David 
Valcik.vice  president  of  information  technologies  at 
Beverly  Enterprises  in  Fort  Smith,  Ark.,  which  pro¬ 
vides  healthcare  services  to  the  elderly.  Today  the 
company  uses  NetlQ’s  Security  Manager  to  audit  the 
directory,  which  supports  45,000  users  and  52,000 
i  -I  >  ccts,  but  the  software  forces Valcik’s  staff  to  manu¬ 
ally  sift  through  log  files. 

“Anytime  we  can  provide  a  tool  to  reduce  the  cost 
of  auditing,  and  we  can  put  some  controls  in  place 
to  leverage  the  tool  —  that  is  a  win-win  situation.  If 
our  auditors  [internal  and  external]  get  comfortable 
that  these  tools  are  solid,  it  just  helps  us  meet  our 


requirements  for  Sarbanes-Oxle/Valcik  says. 

Change  Guardian  breaks  down  directory  changes 
into  three  categories:  managed,  unmanaged  and 
high-profile.  Users  can  adapt  this  model  to  the  cur¬ 
rent  tools  and  procedures  they  use  to  manage  Active 
Directory 

The  managed-change  category  includes  every 
change  —  such  as  the  addition  and  deletion  of  users 
—  that  is  made  through  the  authorized  interfaces 
defined  by  a  company’s  policies,  such  as  having 
NetlQ  Directory  and  Resource  Administrator  as  its 
Active  Directory  management  tool. 

Anything  not  going  through  an  authorized  inter¬ 
face  —  for  example,  an  administrator  using  native 
Active  Directory  tools  to  add  or  delete  users  —  is  cat¬ 
egorized  as  unmanaged  change. This  allows  users  to 
identify  and  investigate  when  changes  are  made  out¬ 
side  normal  operational  procedures. 

The  high-profile  category  encompasses  such 
changes  to  the  directory  as  moving  a  global  catalog. 

Change  Guardian  comes  preconfigured  with  a 
generic  set  of  alerting  and  reporting  rules  and  a  tool 
that  lets  users  create  their  own  rules. 

NetlQ’s  Change  Guardian  competes  with  similar 
products  from  NetPro  and  Quest. 

The  software  starts  at  $1,200  per  Windows  domain- 
controller  server.  ■ 
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Revised  telecom  reform  bill  meets  opposition 


BY  GRANT  GROSS,  IDG  NEWS  SERVICE 

WASHINGTON.  D.C.—  Republican  draft 
legislation  that  would  largely  deregulate 
IP-based  services,  such  as  broadband 
video,  favors  giant  incumbent  telecom 
carriers  over  other  competitors,  said  some 
witnesses  and  lawmakers  during  a  hear¬ 
ing  in  the  U.S.  House  of  Representatives 
last  week. 

“The  telephone  companies,  to  us,  appear 
to  get  everything  they  ask  for  .  .  .  while 
avoiding  most  social  obligations,”  said 
Marilyn  Praisner,  a  member  of  the  Mont¬ 
gomery  County  Council  in  Maryland,  dur¬ 
ing  a  hearing  before  the  House  Energy 
and  Commerce  Committee’s  telecom  and 
Internet  subcommittee. 

The  staff  draft,  a  revision  of  a  bipartisan 
draft  released  in  September,  streamlines 
video-franchising  requirements,  allowing 
large  telecom  carriers  such  as  Verizon  and 
SBC  to  compete  with  cable  TV  providers 
without  securing  franchise  agreements 
from  multiple  local  governments. 

The  draft,  a  first  step  toward  rewriting  the 
wide-ranging  Telecommunications  Act  of 


1996,  would  require  VoIP  providers  to  pro¬ 
vide  enhanced  91 1  emergency  dialing  ser¬ 
vices,  and  VoIP  and  telecom  service 
providers  to  exchange  voice  traffic,  but  it 
leaves  negotiations  about  fees  entirely  to 
the  carriers. 

The  draft,  which  creates  a  new  regulatory 
category  called  broadband  Internet-trans¬ 
mission  services,  is  necessary  because  U.S. 
industry  needs  a  clear  legal  framework  for 
offering  broadband  services,  said  Rep.  Joe 
Barton  (R-Texas),  the  committees  chair¬ 
man.  “The  advance  of  technology  has  left 
the  law  behind,”  he  said. 

Internet  service  provider  EarthLink  said 
the  draft  includes  no  enforcement  of  net¬ 
work  interconnection  requirements. 

Some  consumer  groups  and  such 
Internet-based  companies  as  Google, Yahoo 
and  Amazon.com  said  that,  with  a  handful 
of  telecom  carriers  and  cable  companies 
controlling  most  broadband  access,  the 
bill  doesn’t  have  strong-enough  protec¬ 
tions  for  Internet  users  to  access  the  legal 
content  of  their  choice,  and  they  need  a 
legal  guarantee. 


A  set  of  network-neutrality  rules  are  in 
the  draft  bill,  but  broadband  providers 
could  cut  off  some  content  or  services 
“under  the  guise  of  network  manage¬ 
ment,”  said  Gene  Kimmelman,  senior 
director  of  public  policy  and  advocacy  at 
Consumers  Union. 

The  draft  bill  says  broadband  providers 
“may  not  unreasonably”  restrict  legal  ser¬ 
vices  or  applications  over  their  networks, 
but  the  bill  doesn’t  define  “unreasonable,” 
he  said. 

The  draft  bill  also  would  allow  broad¬ 
band  providers  to  segment  their  IP  offer¬ 
ings  and  reserve  “huge  chunks”  of  band¬ 
width  for  their  own  uses,  added  Vint  Cerf, 
vice  president  and  chief  Internet  evange¬ 
list  at  Google,  in  a  letter  to  the  committee. 
The  bill  lets  providers  create  network 
capacity  limitations,  offer  their  own 
enhanced  services  over  the  network,  and 
protect  the  security  and  reliability  of  the 
network. 

“My  fear  is  that,  as  written,  this  bill  would 
do  great  damage  to  the  Internet  as  we 
know  it,”  wrote  Cerf,  one  of  the  creators  of 


TCP/IP“Enshrining  a  rule  that  broadly  per¬ 
mits  network  operators  to  discriminate  in 
favor  of  certain  kinds  of  services  and  to 
potentially  interfere  with  others  would 
place  broadband  operators  in  control  of 
online  activity’ 

SBC  is  committed  to  allowing  its  cus¬ 
tomers  to  access  the  legal  content  of  their 
choice,  said  James  Ellis,  the  company’s 
senior  executive  vice  president  and  gen¬ 
eral  counsel. 

But  when  Rep.  Rick  Boucher  (D-Va.) 
tried  to  get  Ellis  to  commit  to  legal  lan¬ 
guage  to  guarantee  broadband  capacity 
for  customers,  Ellis  wouldn’t  bite. 

“Our  position  on  this  is,  like  so  many 
other  things,  that  heavy-handed  regulation 
shouldn’t  be  there,”  Ellis  said.  Customers 
“will  have  ample  capacity!’ 

Committee  Democrats  also  complained 
that  Republican  leaders  abandoned  eight 
months  of  bipartisan  negotiations  that 
resulted  in  the  bill’s  first  draft.  The  revised 
draft  is  a  “detour  that’s  a  likely  legislative 
dead  end,”  said  Rep.  Edward  Markey  CD- 
Mass.). ■ 
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Short  Takes 


■  McAfee  last  week  announced  it 
is  making  available  the  beta  version 
of  its  desktop-based  policy 
enforcement  software  that  can 
provide  more  than  400  security 
checks  before  allowing  a  LAN  con¬ 
nection  or  remote  VPN  access.  The 
McAfee  Policy  Enforcer  1.0  can 
ensure  that  14  different  anti-virus 
programs  are  running  or  up-to- 
date,  including  programs  from 
McAfee,  Symantec  and  Trend 
Micro.  The  policy-enforcement  soft¬ 
ware  can  ensure  that  up-to-date 
software  patches  are  applied  or 
that  VPN  software  from  vendors 
such  as  Nortel,  Check  Point,  Cisco 
and  Juniper  are  in  use  for  remote 
connections.  The  Policy  Enforcer 
software  is  managed  by  McAfee’s 
ePolicy  Orchestrator,  which  man¬ 
ages  several  other  McAfee  security 
products,  according  to  Michelle 
Cobb,  McAfee  marketing  director. 
There  is  no  set  shipping  date  or 
pricing  determined  for  Policy 
Enforcer  1.0. 

■  Reconnex  this  week  is  expected 
to  announce  an  updated  version  of 
its  iGuard  content-monitoring  appli¬ 
ance,  adding  a  way  to  integrate 
with  security-event  management 
systems  from  ArcSight,  Intel- 
litactics  and  others.  The  new  ver¬ 
sion  includes  a  way  to  filter  out 
content  by  country.  The  updated 
iGuard  2.1  appliance  starts  at 
$70,000. 


Big  strides  for  small  net  firms 


BY  PHIL  HOCHMUTH 

While  market  leader  Cisco  is  looking 
beyond  its  core  LAN  switching  market  for 
growth,  smaller  competitors  with  brands 
found  more  often  in  the  isles  of  Best  Buy 
and  Circuit  City  are  gaining  ground  in 
small  and  midsize  businesses. 

Even  as  Cisco  looks  to  address  smaller 
markets  with  its  Linksys-One  initiative  — 
which  combines  Cisco  and  Linksys  gear 
with  MCI  converged  services  for  as  many 
as  100  small-business  end  users  —  Cisco 
may  find  that  many  smaller  businesses  are 
getting  what  they  need  for  LAN  and  wire¬ 
less  LAN  (WLAN)  technology  from  D-Link, 
Netgear,SMC  and  others. 

Cisco  has  held  the  dominant  position  in 
market  share  for  the  LAN  switch  revenue 
for  most  of  this  decade.  But  in  terms  of  the 
number  of  ports  sold  and  installed,  small¬ 
er  vendors  are  giving  the  company  a  run. 
For  2004,  Cisco  held  68%  of  the  $2.9  billion 
worldwide  LAN  switch  market,  according 
to  market  research  firm  In-Stat;  however,  it 
shipped  only  28%  of  the  3.8  million  ports 
sold.  Right  behind  Cisco  was  D-Link,  with 
20%  of  shipments.  Cisco’s  own  Linksys 
SOHO  brand  was  third,  with  12.5%,  and 
consumer  networking  power  Netgear  fol¬ 
lowed  closely,  with  1 1 .5%. 

Much  of  the  shipment  success  of  smaller 
firms  is  because  of  increased  demand  for 
Ethernet  ports  in  consumer  markets  — 


such  as  broadband-enabled  homes  with 
integrated  routers/LAN  switches.  But  busi¬ 
nesses  also  are  putting  what  they  call  sim¬ 
ple,  effective  LAN  switch  products  from 
such  vendors  to  work. 

“The  worldwide  SMB  market  has  approx¬ 
imately  80  million  potential  customers,” 
says  Norm  Bogen,  an  analyst  with  In-Stat. 
Many  of  these  firms  use  the  Internet  as  an 
integral  part  of  doing  business,  with  tech¬ 
nologies  such  as  WLANs  and  Gigabit 
Ethernet  evolving  in  small  offices. 

One  such  firm  is  ImageSource,  a  firm  in 
Olympia,  Wash.,  that  sells  document  and 
image-management  technologies.  The 
company  recently  built  a  LAN  based  on 
Gigabit  Ethernet  in  the  core  and  10/100M 
bit/sec  at  the  edge  with  D-Link  switches. 

The  need  for  Gigabit  came  as  the 
company’s  bandwidth  needs  ballooned: 
High-resolution  image  management  for 
clients  involves  scanning  more  than 
1,100  pages  of  documents  per  day  and 
up  to  300G  bytes  of  digital  storage,  says 
Shadrach  White,  the  company’s  CTO. 
White  says  that  sending  5M  byte  files 
over  the  LAN  was  taking  as  long  as  12 
minutes,  and  backing  up  a  day’s  work 
took  almost  as  long  as  it  did  to  produce 
it  —  18  hours  over  the  network. 

The  firm  uses  DXS-3350SR  stackable 
switches  in  its  core,  which  connect  15 
See  Small  firms,  page  22 


A  different  ballgame 

While  Cisco  is  generally  known  as 
the  dominant  Ethernet  vendor  in 
terms  of  revenue  . . . 


Worldwide  Ethernet  equipment  sold:  $2.9  billion 

Other  combined  (less  than  2%  each) 

15.1% 
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Foundry 
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...  in  the  ports  shipped  department, 
the  field  is  much  tighter. 

Worldwide  Ethernet  ports  shipped:  3.8  million 


Others  combined  (less  than  5%  each) 

15.2% 


8% 

Netgear 

11.5% 

Linksys  12.5% 


SOURCE:  IN-STAT 


Vendor  upgrades  mail-filtering  software 


■  Check  Point  Software 
Technologies  announced  new 
software,  Integrity  Anti-Spyware, 
which  will  be  integrated  into  its 
Check  Point  Integrity  software. 

This  will  let  customers  use  a  single 
security  product  from  Check  Point 
that  includes  spyware  protection 
and  endpoint  security.  Integrity 
Anti-Spyware  detects  spyware  and 
quarantines  or  removes  it,  accord¬ 
ing  to  Check  Point.  Integrity  Anti- 
Spyware  is  to  be  available  later  this 
month  and  can  be  purchased  as 
part  of  a  suite  of  products  that 
costs  $67  or  more  per  user. 


BY  TIM  GREENE 

BorderWare  is  adding  new  filters  to  its 
MXtreme  Mail  Firewall  to  help  customers 
better  block  spam,  viruses  and  network 
flooding  attacks. 

With  release  6.0  of  its  MXtreme  software, 
the  company  is  adding  MXtreme  Intercept 
Engine  that  looks  at  e-mail  content  and 
mixes  it  with  information  about  where  it 
came  from  to  determine  whether  it  is 
spam. 

MXtreme  devices  are  typically  deployed 
in  secure  network  segments  between  fire 
walls  where  they  examine  all  incoming 
and  outgoing  email.  With  the  addition  of 
the  Intercept  Engine,  the  devices  mix  in 
protection  against  phishing,  viruses  and 
denial-of-service  attacks. 


BorderWare  competes  against  IronPort 
and  Tumbleweed,  and  its  equipment 
when  clustered  can  handle  millions  of  e- 
mails  per  hour,  making  it  suitable  for  the 
largest  businesses  and  service  providers, 
says  Michael  Osterman,  president  of 
Osterman  Research. 

The  software  also  adds  optional  access 
to  BorderWare  Security  Network,  a  net¬ 
work  of  BorderWare  customers  that  shares 
its  filtering  data  so  that  spam  can  be  fil¬ 
tered.  If  a  sender  has  been  identified  as  a 
spammer  by  any  of  the  members,  that 
information  is  shared  and  when  e-mail 
with  that  address  arrives  at  any  customer’s 
site,  MXtreme  filters  it. 

If  customers  don’t  opt  in  to  the  securi¬ 
ty  network,  the  gear  still  creates  local 


reputation  libraries  of  IP  addresses  from 
spam. 

The  key  asset  of  the  software  is  the  abil¬ 
ity  to  create  policies  per  user,  says 
BorderWare  customer  David  Braucht, 
senior  security  engineer  at  Resource 
Computing  in  Spokane, Wash.  In  the  past, 
spam  filtering  on  the  device  was  tuned 
to  one  level,  but  not  all  end  users  have 
the  same  need  for  filtering,  he  says. Some 
would  rather  get  more  spam  but  be  sure 
they  are  not  missing  any  legitimate  e- 
mail  that  is  misidentified.he  says.  Others 
want  minimum  spam  arriving  in  their  in 
boxes. 

“Now  the  policy  feature  allows  a  default 
that  is  really  restrictive  for  some  users,  and 

See  BorderWare,  page  22 
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Poll  cites  converged-IP  security  concern 


BY  JEREMY  KIRK, 

IDG  NEWS  SERVICE 

As  viruses  and  malicious  soft¬ 
ware  bloom,  senior  executives 
across  a  range  of  industries  see 
security  as  their  top  concern  in 
implementing  converged  IP  net¬ 
works,  according  to  a  joint  study 
released  last  week  by  the  Eco¬ 
nomist  Intelligence  Unit  and 
AT&T. 

It’s  the  second  year  in  a  row  that 
the  survey  which  polled  236  exec¬ 
utives  in  50  countries,  put  security 
ahead  of  cost,  says  Denis 
McCauley  director  of  global  tech¬ 
nology  research  for  the  E1U. 


Security  was  ranked  first  at  26%, 
followed  by  implementation  costs 
at  23%  and  the  cost  of  new  equip¬ 
ment  at  19%. 

Sixty-two  percent  of  the  re¬ 
spondents  expect  to  implement 
IP  networks  in  the  next  three 
years,  although  63%  said  process¬ 
ing  consumer  data  online  put 
them  at  risk  of  security  breaches. 

McCauley  says  the  study’s  results 
were  noteworthy  in  that  the  great¬ 
est  advantages  of  converged  IP 
networks  —  openness  across  the 
enterprise  to  customer  and  com¬ 
pany  data  —  also  is  its  greatest 
vulnerability.  Companies  also  are 


The  worms 
crawl  in 

An  IP  convergence  study  last 
week  found  62%  of  the  236 
executive  respondents  in  50 
countries  expect  to  imple¬ 
ment  IP  networks  in  the  next 
three  years. 

using  more  mobile  devices,  creat¬ 
ing  more  entry  points  into  net¬ 
works,  he  says. 

Executives,  however,  believe 
the  biggest  threat  comes  from 


people.  The  study  showed  that 
executives  think  most  attacks 
come  from  inside  their  company 
as  part  of  internal  sabotage,  spy¬ 
ing  by  employees  or  uninten¬ 
tional  mistakes. 

Other  threats  such  as  phishing 
attacks  —  which  mimic  familiar 
commerce  sites  through  e-mails 
to  gain  user  names  and  pass¬ 
words  —  are  expected  to  increas¬ 
ingly  target  commercial  organiza¬ 
tions,  the  study  said.  In  spear 
phishing,  employees  are  sent  an  e- 
mail  by  someone  masquerading 
as  a  higher-level  executive  asking 
for  personal  information. 


It’s  likely  the  subordinates  will 
respond  quickly,  according  to  the 
study. 

Increasingly  sophisticated  deni- 
al-of-service  attacks  are  directed 
against  financial  institutions,  says 
Kees  Vos,  global  offering  manager 
for  AT&T.The  attacks  are  by  profes¬ 
sionals,  says. 

AT&T,  which  handles  between 
18%  to  20%  of  all  Internet  traffic, 
collects  data  to  try  to  predict 
emerging  security  threats,  Vos 
says.  It  helps  in  preparing  a  reme¬ 
dy  because  the  time  when  a  threat 
emerges  and  starts  doing  damage 
is  decreasing,  he  says.  ■ 


Small  firms 

continued  from  page  21 

servers  and  high-end  workstations  with  Gigabit  Ethernet  links.  These 
switches  also  are  used  to  connect  100  workstations  and  workgroup 
servers  via  10/100  links,  with  Gigabit  links  back  to  the  two  core  switch¬ 
es.  (Each  port  on  the  boxes  can  run  at  10/100/1, 000M  bit/sec). 

With  Layer  3,  triple-speed  Ethernet  and  slots  for  four  fiber-based 
uplink  ports,  the  DXS-3350SR  matches  up  approximately  to  Cisco’s 
Catalyst  3750  stackable  switch.  But  the  $3,600  price  for  the  D-Link 
boxes  was  a  better  fit  for  ImageSource  than  the  48-port  Catalyst  3750, 
which  starts  at  around  $14,000. 

Business  WLAN  deployments  are  another  area  where  consumer- 
focused  network  companies  are  finding  success.  Recently,  the  Crowne 
Plaza  Hotel  in  Irvine, Calif.,  wired  335  guest  rooms  with  Ethernet  links, 
and  provided  WLAN  access  for  guests  and  hotel  staff  with  a  mix  of 
equipment  from  Netgear.  David  Giron,  chief  engineer  for  the  hotel, 
priced  a  combined  LAN/WLAN  infrastructure  (from  a  vendor  that  he 
would  not  name)  at  around  $80,000.This  was  a  mixed  wired  and  wire¬ 
less  architecture  that  would  connect  users  via  WLAN  only  in  the  hotel 
lobby  and  some  public  areas,  Giron  says. 

Instead,  the  hotel  went  completely  wireless. The  network  now  con¬ 
sists  of  Netgear  ME  103  ProSafe  WLAN  access  points  deployed  indi¬ 
vidually  in  guest  rooms,  and  some  access  points  equipped  with 
extended-range  antennas  for  common  areas,  such  as  the  lobby.  The 
equipment  cost  $4,000. 

Another  firm  deploying  networks  for  hospitality  customers  says 
SMC  is  its  network  gear  of  choice.  Integration  firm  Insystcom  installed 
Ethernet  LAN  and  very  high  bit-rate  Digital  Subscriber  Line  (VDSL)- 
based  in-room  broadband  access  technology  for  resort  hotels  in  the 
Caribbean  and  aboard  cruise  ships.  The  Alpharetta,  Ga.-based  firm 
used  SMC  Ethernet  switches  and  VDSL  nodes  for  these  installations. 
It  uses  SMC  TigerAccess  Extended  Ethernet  VDSL  technology,  which 
allows  for  15M  bit/sec  links  to  guest  rooms  via  existing  telephone 
wiring. The  wire  connects  rooms  as  far  as  5,000  feet  away  from  SMC 
switches,  which  tie  the  room  into  the  overall  LAN  and  connect  to  the 
Internet. 

It’s  not  just  cost,” says  Wil  Riner.CEO  of  Insystcom, about  the  reason 
he  uses  SMC  gear  in  his  deployments. “It’s  [SMC’s]  understanding  of 
the  application.  It’s  the  packaging.  A  lot  of  the  equipment  goes  right 
into  the  rooms  —  not  the  typical  data  center/wiring  closet  environ¬ 
ments  of  a  corporation." 

He  says  the  fact  that  SMC  has  a  strong  background  in  designing  gear 
for  the  consumer  networking  market  helps  the  product  succeed  in 

hotel  deployments. 

“It  has  a  lot  to  do  with  the  acceptability  he  says.“How  intrusive  and 
how  big  are  (are  the  devices] ?"■ 


Microsoft  targets  spyware 


BY  NANCY  GOHRING,  IDG  NEWS  SERVICE 

Microsoft  last  week  gave  an  official  name  to  its 
software  for  protecting  against  spyware  and 
detailed  some  upcoming  features  for  the  pack¬ 
age. 

The  software,  which  has  been  known  as  Windows 
AntiSpyware  Beta  1,  will  be  called  Windows 
Defender  when  the  finished  version  becomes  avail¬ 
able  next  year,  the  company  says. 

A  posting  on  Microsoft’s  TechNet  Web  blog 
announced  the  change  and  revealed  some  details 
about  new  capabilities.  The  current  version  of 
Windows  AntiSpyware  Beta  1  has  18  million  users, 
Microsoft  says. 

Windows  Defender  will  employ  the  same  detec¬ 
tion  technology  used  in  Microsoft’s  anti-virus 
engine,  improving  its  spyware  detection  capabili¬ 
ties,  according  to  the  blog  post.  Spyware  is  software 
that  monitors  a  user’s  online  habits  without  the 
user’s  knowledge  or  permission. 

When  Defender  finds  spyware,  Windows 
AntiSpyware  presents  the  administrator  with  a  list 
of  threats  found,  details  about  each  threat  and  rec¬ 
ommendations  for  resolving  it. 

At  the  administrator’s  behest,  Windows 
AntiSpyware  removes  every  vestige  of  a  spyware 
instance.  Like  Omniquad  AntiSpy  Enterprise  and 
other  competitors,  Windows  AntiSpyware  can  do  a 


quick  or  full  scan.  Microsoft  says  the  product  will 
have  a  central  console  in  the  future. 

The  software  also  will  protect  users  against 
rootkits  and  keystroke  loggers,  according  to  the 
blog.  Rootkits  hide  potentially  malicious  files 
from  security  software.  Keystroke  loggers  are  pro¬ 
grams  that  record  keystrokes  so  that  a  hacker  can 
discover  a  user’s  password  or  other  sensitive 
information. 

Windows  Defender  will  have  an  updated  user 
interface,  and  corporate  customers  will  be  able  to 
receive  Defender  updates  through  Windows  Server 
Update  Services,  Microsoft  says. 

Windows  Defender  will  be  part  of  Windows  Vista, 
Microsoft’s  latest  operating  system,  scheduled  for 
release  next  year.  It  also  will  be  available  to  users  of 
Windows  XP  Windows  2000  and  Windows  Server 
2003,  according  to  the  company 

Users  will  be  able  to  disable  it  and  use  anti¬ 
spyware  software  from  a  different  vendor  if  they 
choose,  Microsoft  says.  Windows  Security  Center, 
which  alerts  users  if  they  aren’t  running  an  anti¬ 
spyware  program,  will  recognize  third-party 
anti-spyware  software. 

Microsoft  obtained  Windows  AntiSpyware  when  it 
purchased  Giant  Company  Software.  In  a  recent 
Network  World  Clear  Choice  Test,  Windows 
AntiSpyware  detected  80%  of  test  spyware.  ■ 


BorderWare 

continued  from  page  21 

others  can  get  a  looser  policjf 
he  says. 

The  6.0  software  adds  algorithms 
that  automatically  fine-tune  the 
software  during  a  learning  mode 
to  avoid  false  positives,  something 
that  was  manual  and  time-con¬ 
suming  before,  Braucht  says. 

New  integration  with  Cisco  10S 
gear  and  F5  Big  IP  load  balancers 


makes  it  possible  to  block 
unwanted  e-mail  traffic  before  it 
reaches  the  MXchange  device,  he 
says:  “It  lets  you  push  the  wall  out 
even  further” 

Benefits  include  keeping  Micro¬ 
soft  Exchange  from  receiving  mal¬ 
formed  e-mail  packets  that  it  tries 
to  reassemble,  resulting  in 
Exchange  shutting  down,  he  says. 

BorderWare  also  offers  a  new 
hardware  platform  based  on  Sun 
operating  systems  and  AMD 


Opteron  processors. 

The  company’s  previous  plat¬ 
form  was  a  proprietary  operating 
system  based  on  Intel  processors. 
The  device  starts  at  $8,000  and 
supports  1,500  employees.  It  is 
available.  ■ 
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DON’T  LET 
SPYWARE 
SABOTAGE  YOUR 
ENTERPRISE. 


The  next  threat  is  no  threat  with  Trend  Micro. 

Expose  and  eradicate  spyware  with  Trend  Micro's  Enterprise-class,  multi-level, 
anti-spyware  solutions.  They're  the  only  solutions  that  block  and  clean  at  the  gateway — 
the  most  effective  point  of  control.  Trend  Micro.  #1  global  leader  at  the  gateway  and 
industry  pioneer.  Whether  it's  a  virus,  worm,  spyware,  or  spam,  we’ve  got  you  covered. 


For  a  FREE  evaluation  and  IDC  whitepaper, 
go  to  www.trendmicro.com/spyware 
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Coyote  Point  E350si  traffic  mgmt. 
switch  surpasses  F5  gear  on 
performance  and  price 

Switch  outperforms  the  F5  BIG-IP  1500,  delivering 
more  than  2X  greater  performance  at  less  than  40%  of  the  price 

Nortel  Ethernet  Routing  Switch  5500  yields 
high  performance  and  very  low  latency 

Nortel  device  delivers  320  Gbps  of  aggregate  Layer  2,  zero-loss  throughput  in  a 
configuration  of  eight  Ethernet  Routing  Switch  5510-48Ts  with  320  GbE  ports 

Citrix  NetScaler  Application  Switch  speeds 
response  times,  lowers  bandwidth  consumption 

Application  acceleration  device  can  accelerate  the  delivery 
of  enterprise  application  data  by  as  much  as  44X 

Reflex  Security  intrusion  appliance  blocks 
attacks  and  still  delivers  high  throughput 

Reflex  IPS  100  delivers  more  than  100  Mbps  of  HTTP  throughput  while 
under  attack,  plus  blocks  more  than  500  attack  types 

Nortel  gateway  shines  in  SSL/IPSec  evaluation 

Norte!  VPN  Gateway3070  offers  highly  scalable  performance  and 
key  functions  for  SSL  and  IPSec  users  in  an  integrated  design 

Netreo  OmniCenter  vastly  simplifies 
network  management  integration 

OmniCenter  provides  extensive  visibility  into  systems,  network 
components  and  applications  anchored  on  an  enterprise  network 


Level  5  Networks  EtherFabric 
GbE  interface  outclasses 
LAN-on-motherboard  rivals 

EtherFabric  speeds  network  I/O  operations 
while  simultaneously  improving  and 
increasing  host  CPU  efficiency 
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Tolly  Benchmarks  is  a  regular  advertising  supplement  that  highlights  innovative 
and  compelling  technology  research  conducted  by  The  Tolly  Group,  the  industry's 
leading  independent  testing  anci  strategic  consulting  organization  based  in 
Boca  Raton,  FL.  For  more  information  on  any  of  the  products  or  technologies 
covered  here,  visit  The  Tolly  Group's  Web  site  at  http://www.tolly.com. 


info@tolly.com  •  phone  (561)  391-5610  fax  (561)  391-5810 


Coyote  Point  traffic  mgmt  switch 

surpasses  F5  gear  on  performance  and  price 


Coyote  Point  Systems,  Inc.  commissioned 
The  Tolly  Group  to  evaluate  the  Equalizer 
E350si,  a  Layer  4/7  load-balancing  switch 
designed  to  serve  up  Enterprise-class 
throughput  in  a  cost  effective  fashion. 
Furthermore,  Coyote  Point  asked  The  Tolly 
Group  to  evaluate  the  Equalizer  E350si 
solution  alongside  several  comparable 
offerings  from  F5  Networks. 

Tolly  Group  engineers  tested 
the  Equalizer  E350si, 
measuring  its  Layer  4 
connection  rate,  Layer 
7  transaction  rate  and 
aggregate  throughput 
(Mbps)  at  both  Layer  4 
and  Layer  7.  Engineers  benchmarked 
the  performance  of  the  Equalizer  E350si 
against  an  F5  Networks  BIG-IP  1500  and  a 
BIG-IP  3400,  two  devices  that  cost  2.5X  to 
almost  4X  more  than  the  Equalizer  E350si. 
Coyote  Point  intended  to  demonstrate  that 
its  Equalizer  E350si  offers  more 
attractive  price/performance  than  the  F5 
Networks  products. 


Results  show  that  the  Equalizer  E350si 
outperformed  the  F5  Networks  BIG-IP  1500 
in  every  test,  offered  near-comparable 
performance  to  the  much  more  expensive 
BIG-IP  3400,  and  offered  compelling 
price/performance  advantages. 

The  Coyote  Point  Equalizer  E350si  achieved 
469  Mbps  of  throughput  with  64-byte 
objects,  which  was  more  than  twice  the 


Layer  4 

throughput  offered  by  the 
BIG-IP  1500  (210.5  Mbps).  With  2K-bytc 
objects,  throughput  of  the  Equalizer  E350si 
jumped  to  702  Mbps,  or  about  32%  more 
than  the  BIG-IP  1500's  475  Mbps.  Further,  the 
Equalizer  E350si  throughput  with  2K-byte 
objects  is  just  21  %  less  than  the  BIG-IP  3400. 


The  Equalizer  E350si  delivered  Layer  7 
throughput  of  199  Mbps  when  tested  with 
64-byte  objects,  633  Mbps  with  2K-byte 
objects,  and  729  Mbps  when  tested  with 
16K-byte  objects.  Those  throughput  results 
ranged  from  30  to  51%  higher  than  the 
throughput  delivered  by  the  BIG-IP  1500. 

The  Equalizer  E350si  offers  an  average  Layer 
4  throughput  of  520  Mbps  across  the  three 
object  sizes  tested  at  Layer  4;  that  equates  to 
a  cost-per-Mbps  of  S9.70,  nearly  five  times 
less  than  the  BIG-IP  1500.  ($47.61)  Analysis 
shows  that  the  Equalizer  E350si  offers  a 
Layer  7  cost-per-Mbps  ranging  from  $8.22  to 
$30.13,  which  is  four  times  less  than  either 
the  BIG-IP  1500  or  BIG-IP  3400. 

In  the  end,  the  Equalizer  E350si  delivers 
greater  value,  delivering  greater 
performance  at  less  cost  than  either  of  the 
F5  BIG-IP  products  tested. 

View  the  full  white  paper  at 

http://www.tolly.com/DocDetail.aspx7Doc 

Number=205131 


•  Outperforms  BIG-IP  1500  in  every 
test,  offers  near-comparable 
performance  to  the  more 
expensive  BIG-IP  3400,  and  offers 
compelling  price/performance 
advantages 

•  Achieves  more  than  twice  the 
connection  rate  supported  by  the 
F5  Networks  BIG-IP  1500  with  64- 
byte  objects,  at  almost  one-sixth 
the  cost-per-connection  than  F5's 
BIG-IP  1500 

•  Supports  40%  more  Layer  7 
transactions-per-second  with  64- 
byte  objects  than  the  BIG-IP  1500 
(44,375  tps  vs.  34,1 99  tps)  and  30% 
greater  throughput  (199  Mbps  vs. 
151  Mbps) 

•  Costs  three  to  four  times  less  on  a 
cost-per-transaction  basis,  and 
30%  to  50%  less  in  terms  of  the 
cost-per-Mbps  of  throughput 
served  than  the  BIG-IP  3400 


Layer  4  Price/Performance  Analysis  of 
Equalizer  E350si  vs.  BIG-IP  1500/3400 


Model  (MSRP) 

Object  size 

Connections/sec 

Cost  per 
cps  (US$) 

Throughput 

(Mbps) 

Cost  per  Mbps 
(USS) 

Coyote  Point 

64 

78,885 

0.08 

468.6 

12.79 

E350si 

2K 

31,996 

0.19 

701.7 

8.54 

(US$5,995) 

16K 

5,518 

1.09 

777.8 

7.71 

F5  Networks 

64 

34,156 

0.47 

210.5 

75’99 

BIG-IP  1500 

2K 

21,460 

0.75 

475.1 

33^67 

(US$15,995) 

16K 

3,413 

4.69 

481.9 

33.19 

F5  Networks 

64 

137,398 

0.19 

811.5 

32.03 

BIG-IP  3400 

2K 

40,753 

0.64 

893.5 

29.09 

(US$25,995) 

16K 

6,599 

3.94 

930.4 

27.94 

Note:  All  BIG-IP  prices  are  MSRP  supplied  by  F5  during  acquisition  of  the  F5  gear  by  Coyote  Point. 


Sponsor:  Coyote  Point  Systems,  Inc. 

Document  number:  205131  Product  Class:  Layer  4-7  load-balancing  switch 

Products  under  test: 

•  Coyote  Point  Equalizer  E350si  SW  Ver  7.2.0d 

•  F5  Networks  BIG-IP  1500  SW  Ver  9.1.0  Build  62 

•  F5  Networks  BIG-IP  3400  SW  Ver  9.1.0  Build  62 

Testing  window:  September  2005 

l  ot  more  info  on  this  test,  visit:  http://www.coyotepointcorn 


Tests  reveal  high 

performance,  low  latency  of 

Nortel  Ethernet 

Routing  Switches 


The  Nortel  Ethernet  Routing  Switch  5510s  in  the  stack  configuration 
demonstrated  very  low  latency  and  standard  deviation  by  recording 
6  ~  23  microseconds  of  average  latency  with  0  ~  9.7  microseconds  of 
standard  deviation.  "Standard  deviation  of  latency"  is  a  measure  of 
how  much  the  latency  of  a  set  of  received  packets  varies  from  the 
mean.  It  is  similar  to  jitter. 

The  Tolly  Group  also  tested  the  Ethernet  Routing  Switch  5510-24T  in 
a  special  three-switch  stack  configuration.  The  Tolly  Group  verified 
that  the  Ethernet  Routing  Switch  5510- 24T  in  the  middle  of  the  stack 
provided  128  Gbps  of  stackable  switching  capacity,  or  64  Gbps  of 
zero-loss  Layer  2  throughput  using  24  Gigabit  Ethernet  ports  ana  two 
stacking  ports  for  the  Ethernet  frame  sizes  of  64, 128, 256, 512, 1024, 
1280  and  1,518  bytes. 


Nortel  commissioned  The  Tolly  Group  in  September  2005  to  measure 
the  Layer  2  switching  performance,  average  latency  and  standard 
deviation  of  latency  of  the  vendor’s  stackable  Ethernet  Routing 
Switch  5510/5520/5530. 


Finally,  Tolly  Group  engineers  measured  the  zero-loss  Layer  2 
throughput  of  the  Ethernet  Routing  Switch  5510-48T  in  a  stand-alone 
switch  configuration.  The  Tolly  Group  verified  that  the  Ethernet 


Engineers  measured  the  amount  of 
usable  throughput  as  experienced  by 
users.  In  addition,  they  reported  the 
stackable  switching  capacity,  or  the 
total  switching  throughput  "external” 
to  users  and  "internal"  between  switch 
stack  elements.  The  "internal"  portion 
of  this  is  not  directly  usable  by  end-user 
applications. 


In  a  dual-switch  stack  configuration  (24 
GbE  ports,  two  stacking  ports),  the 
Ethernet  Routing  Switch  5510-48T  in 
the  bottom  of  the  stack  provided  160 
Gbps  of  stackable  switching  capacity, 
that  translates  into  zero-loss,  Layer  2 
throughput  of  80  Gbps  using  40  Gigabit 
Ethernet  ports  and  two  stacking  ports 
for  the  Ethernet  frame  sizes  of  64, 128, 


256, 512, 


024, 1280  and  1,518  bytes. 


N0RTEL 


Stackable  Switching  Capacity 

of  Ethernet  Routing  Switch  5510-48T  in  an 
Eight-switch  Stack  Configuration  (320  GbE  ports) 

As  reported  by  SmartBits  SmartFlow 


Ethernet  frame  size  (Bytes) 


In  the  next  throughput  scenario,  consisting  of  an  Ethernet  Routing 
Switch  5510-48T  in  an  eight-switch  stack  configuration  (320  GbE 
ports,  40  ports  per  switch),  the  stackable  switching  capacity  was  640 
Gbps,  which  translates  into  zero-loss,  Layer  2  throughput  of  320  Gbps 
when  tested  with  Ethernet  frame  sizes  of  64, 128, 256, 512, 1024, 1280 
and  1,518  bytes. 


•  Delivers  640  Gbps  of  stackable  switching  capacity  and 
320  Gbps  of  aggregate  Layer  2,  zero-loss  throughput  in  a 
configuration  of  eight  Ethernet  Routing  Switch  5510-48Ts 
with  320  GbE  ports 

•  Introduces  extremely  low  average  latency  of  6  ~  23 
microseconds  with  0  ~  9.7  microseconds  of  standard 
deviation  in  the  stack  configuration 

•  Achieves  160  Gbps  of  stackable  switching  capacity  and 
80  Gbps  of  aggregate  Layer  2,  zero-loss  throughput  in  a 
configuration  of  two  Ethernet  Routing  Switch  5510-48Ts 
(40  GbE  ports  and  two  stacking  ports) 

•  Provides  128  Gbps  of  stackable  switching  capacity  and  64 
Gbps  of  Layer  2,  zero-loss  throughput  in  a  three-switch 
configuration  of  Ethernet  Routing  Switch  5510-48Ts  (24 
GbE  ports  and  two  stacking  ports) 


Routing  Switch  5510-48T  provides  wire-speed  throughput  for  all 
ports  by  recording  48  Gbps  of  zero-loss  Layer  2  throughput  using  48 
Gigabit  Ethernet  ports  for  the  Ethernet  frame  sizes  of  64, 128, 256, 512, 
1024, 1280  and  1,518  bytes. 

Engineers  also  evaluated  an  Intelligent  Auto  Unit  Replacement 
resiliency  feature,  examined  the  switches'  ease  of  use  and  their 
management  facilities. 

View  the  full  report  at: 

httpV/www.tolly.com/DocDetail.aspx?DocNumben=205137 


Sponsor:  Nortel 

k. . 

Document  number 
Product  Class:  Stai 

: 205137 

ckable  switch  .Trv. 

Ethernet  Routing  Switch  5510 
Ethernet  Routing  Switch  5520 
Ethernet  Routing  Switch  5530 


Testing  window:  September  2005 
For  more  info  on  this  test,  visit  http://www.nortel.com 


Citrix  NetScaler 

Application  Switch 

speeds  response  times, 

lowers  bandwidth  consumption 


Citrix  Systems,  Inc.  commissioned  The  Tolly  Group  to  examine  the 
effectiveness  of  the  Citrix®  NetScaler®  Application  Switch,  a 
purpose-built  appliance  that  provides  real-time  compression  for 
application  data,  including  the  ability  to  compress  encrypted  and 
unencrypted  data  for  Web  and  client/server  applications. 


•  Can  accelerate  the  delivery  of  enterprise 
application  data  by  as  much  as  44X 

•  Can  improve  the  download  times  for  public  Web 
pages  by  up  to  23X 

•  Can  reduce  user  response  times  by  more  than 
97.7%  and  lower  bandwidth  consumption  by  98% 

•  Speeds  application  performance  more  than 
standards-based  HTTP  compression 

•  Enhances  application  performance  with  no 
modifications  to  application  code  or  changes  to 
browser  configurations 


The  objective  of  this  evaluation  was  to  measure 
application  performance  improvements  yielded  by 
Citrix  s  new  AppCompress  Extreme™  technology.  Tolly 
Group  engineers  tested  application  acceleration 
benefits  by  measuring  the  total  round  trip  time  (in 
seconds)  for  an  actual  client  requesting  and  receiving 
application  data  from  both  a  popular  public  Web  site 
and  a  commonly-used  enterprise  application.  The 
tests  were  performed  using  a  live  Internet  connection 
whose  connection  speed  was  throttled  to  simulate  a 
true  end-user  experience. 

All  performance  measurements  were  made  at  Tolly 
Group  facilities  in  Boca  Raton,  Florida,  and  all  content 
was  hosted  at  Citrix  facilities  in  San  Jose,  California. 
Tolly  Group  engineers  tested  AppCompress  Extreme  in 
a  variety  of  customer  scenarios  using  both  56  Kbps 
and  256  Kbps  simulated  connection  speeds. 


Tolly  Group  testing  determined  that  Citrix's 
AppCompress  Extreme  differential  compression 
technology  improved  the  performance  of  standard 
Web  page  downloads  by  as  much  as  44X,  and  sped 
the  delivery  of  enterprise  application  data  by  23X.  AppCompress 
Extreme  not  only  reduced  response  times  for  the  application  client, 


Application  Acceleration  Improvements 
Over  a  Simulated  56-kbps  Dial-up  Connection 


Standard  Web  page 
with  moderate  changes 
(Google) 


Standard  Web  page 
with  no  changes 

(Rnogle) 


Enterprise 
application 
report  query 
with  moderate 
changes 
(Oracle) 


44X 

(0.3  sec) 


AppCompress  acceleration 
Extreme 


Note:  Application  data  was  hosted  in  Citrix’s  San  Jose,  California  facilities  and  accessed  via  the 
Internet  by  a  Microsoft  IE  version  6.0  client  at  The  Tolly  Group’s  testing  facilities  in  Boca  Raton,  Florida. 


but  also  lowered  overall  bandwidth  consumption  by  as  much  as 
90%. 


Sponsor  Citrix  Systems,  Inc. 


Document  number:  205138 
Product  Class:  Application  Acceleration 


Products  under  test 

•  NetScaler  Application  Switch  -- ! 

Testing  window'  June  ■! 


, 


For  more  info  onShis  test  visit 

httpy/www.citrix.conVnetscaler 


The  Citrix  NetScaler  Application  Switch  with  AppCompress  Extreme 
delivered  improved  performance  through  the  use  of  differential 
compression  technology  which  computes  the  differences  in 
application  data  occurring  between  an  initial  client  request  and  all 
subsequent  requests.  Once  the  differential  is  computed  by  the  Citrix 
appliance,  only  changed  data  is  sent  to  the  client  By  eliminating  the 
transmission  of  redundant  data  over  multiple  requests,  the  Citrix 
NetScaler  Application  Switch  improves  overall  application  response 
times  by  transmitting  far  fewer  bytes  than  is  required  with  traditional 
HTTP  compression  techniques. 


View  the  full  white  paper  at 

http://www.tolly.eom/DocDetail.aspx7DocNumben:205138 


Reflex  Security  intrusion 

prevention  appliance  blocks  net 

attacks  and  delivers  high  performance, 

reliability  and  ease  of  use 


Reflex  Security,  Inc.  commissioned  The  Tolly 
Group  to  test  the  Reflex  IPS  100  network 
intrusion  prevention  appliance.  The  Reflex  IPS 
blocks  a  comprehensive  range  of  malicious 
traffic,  including  HTTP  attacks,  Denial-of- 
Service  attempts,  scans,  backdoor  exploits, 
floods,  viruses,  and  worms. 

The  Tolly  Group  validated  the  performance  of 
the  Reflex  IPS  100,  as  well  as  the  appliance's 
effectiveness  at  detecting  and  preventing  a 


Sponsor:  ^ 

Reflex  Security,  Inc. 

Document  number:  205136 

Product  Class: 

Intrusion  prevention  appliance 

Products  under  test: 

•  Reflex  IPS  100  ver.  4.4 

Testing  window: 

September/October  2005 

For  more  info  on  this  test,  visit: 
http://www.reflexsecurity.com 


variety  of  attacks.  The  Tolly  Group  also 
evaluated  the  system's  reliability,  reporting  and 
ease  of  use. 

The  Tolly  Group  measured  the  maximum 
mixed-object  size  HTTP  throughput  across  the 
Reflex  IPS  100  with  the  Avalanche  test  tool  that 
emulates  complete  HTTP  transactions  (TCP 
open  -  HTTP  data  transfer -TCP  close).  Each 
client  requested  15  different  HTTP  data  sizes 
ranging  from  43  to  64  Kbps. 


Reflex  appliance  exceeded  its  rated  100-Mbps 
bidirectional  throughput  capability. 

Next,  Tolly  Group  tests  confirmed  the  Reflex 
IPS  100  successfully  blocked  attack  structures 
generated  by  the  BLADE  Software  IDS 
Informer  testing  tool.  The  Reflex  device 
continued  to  block  attacks  while  sustaining 
more  than  100  Mbps  of  background  traffic. 
(Please  check  out  the  Test  Summary  #205136 
for  full  details  at  http://www.tolly.com.) 

The  Tolly  Group  also  tested  the  reliability  of  the 
Reflex  IPS  appliance,  which  uses  the 
Sentrium™  disk-on-chip  architecture. 
Sentrium  eliminates  the  need  for  a  hard  disk 
within  the  appliance  and  the  related 
performance  and  failure  concerns.  Tolly 
Group  tests  confirmed  the  appliance's  ability  to 
consistently  faii-open  or  fail-closed  as 
configured.  As  a  result,  administrators  can  set 


policy  to  allow  traffic  to  pass  or  be  denied  in 
the  event  of  a  device  malfunction. 

Tolly  Group  engineers  also  noted  that  the 
Reflex  IPS  100  offers  a  powerful,  fully- 
customizable  reporting  capability  with  event 
aggregation/correlation,  robust  centralized, 
management,  and  rapid  installation.  Engineers 
verified  an  initial  install  required  just  30 
minutes. 

Overall,  Tolly  Group  tests  confirmed  the  Reflex 
IPS  100  was  able  to  meet  or  exceed  its  stated 
capabilities  for  performance,  comprehensive 
security,  reliability,  ease-of-use  and 
management 


View  the  full  report  at 

http://www.toliy.com/DocDetail.aspx7DocN 

umber=205136 


Reflex  IPS  100  Mixed-Object  Size 
HTTP  Throughput 


TOLLY 


Nortel  gateway  shines 

in  SStyiPSec  evaluation 


The  emergence  of  SSL  VPNs  is  forcing 
users  to  determine  how  best  to  integrate  the 
nascent  technology  alongside  installed 
IPSec  VPN  gateways.  The  vast  majority  of 
SSL  VPN  providers  offer  point-specific 
solutions,  meaning  their  gateways  support 
SSL  VPNs  only.  This  has  enormous 
implications  for  management  and  for  TCO. 

Nortel  has  designed  its  Nortel  VPN  Gateway 
Portfolio  with  the  installed  base  of  IPSec 
VPNs  in  mind.  Nortel's  solution  provides 
blended  support  for  both  Web-based  SSL 
VPN  access  and  IPSec  VPN  users  which 
vastly  simplifies  the  access  requirements  of 
highly  mobile  users  needing  access  from 
many  locations  and  device  types. 

Nortel  commissioned  The  Tolly  Group  to 
evaluate  the  Nortel  VPN  Gateway  3070.  Tolly 
Group  engineers  benchmarked  the 
throughput  of  the  Nortel  VPN  Gateway  3070, 
examined  the  limits  of  the  device's  scalability 


and  identified  the  extent  of  voice  quality 
supported  by  the  gateway.  Testing  was 
performed  at  The  Tolly  Group's  Boca  Raton, 
FI.,  facilities  in  March  2005. 

Tests  show  that  the  Nortel  VPN  Gateway 
3070  delivers  consistent  throughput  when 
tested  across  workgroups  scaling  from  10 
users,  to  5,000  users.  Scalability  tests  show 
that  even  as  the  number  of  users  scales  to 
5,000,  the  device  does  not  sacrifice 
significant  throughput.  Finally  the  Nortel 
VPN  Gateway  3070  proved  it  can  secure 
VoIP  communications  and  SIP  applications 
without  impacting  voice  quality. 

Tolly  Group  engineers  also  examined  the  SSL 
VPN  functionality  of  the  Nortel  VPN  Gateway 
3070  and  came  away  impressed  with  the 
application  access,  end-point  security, 
access  controls,  overall  VPN  scalability  and 
Nortel's  ability  to  support  secure  real-time 
multimedia  and  VoIP  services  over  SSL  VPN. 


The  integrated  support  for  IPSec  and  SSL 
VPNs  in  a  single  box  ensures  users  that  they 
deploy  one  box  instead  of  two,  and  that  box 
is  configured  and  managed  more  easily  than 
rival  offerings  that  require  a  box  dedicated  to 
SSL  VPNs  and  another  dedicated  to  IPSec 
VPNs.  Such  solutions  do  not  scale  well,  and 
present  significant  cost  implications  for 
widespread  deployment 

Nortel's  approach  to  SSL  VPNs  shows  that  it 
respects  the  investments  enterprises  have 
made  in  IPSec,  and  the  company 
understands  that  I  PSec  VPNs  will  be  around 
for  quite  some  time. 

Check  out  the  full  white  paper  on 
The  Tolly  Group's  Web  site  at: 

httpy/www.tolly.com/DocDetail.aspx? 

DocNumber=205103 

NGRTEL 


•  Provides  steady-state  SSL  throughput  of  600  •  Demonstrates  secure  toll-quality  VoIP  call 

Mbps,  422  Mbps  and  294  Mbps  for  no  performance  even  with  the  VoIP  traffic 
encryption,  RC4-MD5  and  DES-CBC3-SHA  protected  by  SSL  VPN 
encryption  respectively  during  the  25-user  test 

•  Exhibits  VPN  technology  integration  coupled 
•Delivers  consistently  high  3DES  VPN  with  high  scalability  and  performance  to  yield 
throughput  even  under  heavily  loaded  lower  deployment  TCO 
conditions  (5,000  user  tunnels) 


Sponsor:  Nortel 

Document  number  205103 

Product  Class:  SSL/lPSec  VPN  Gateway 

Products  under  test 

•  Nortel  VPN  Gateway  3070  version  SSL-5.03 

Testing  window:  March  2005 

For  more  info  on  this  test  visit  http://www.nortel.com 


Steady-state  SSL  Throughput  with  25  and  5,000  Users 
(Front-end  encrypted  using  Triple  DES,  back-end  unencrypted) 

As  reported  by  Spirent  Avaiance  Commander 


25  5,000 

Number  of  users  logged  in 
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Netreo  OmniCenter  vastly  simplifies 

network  management  integration 


Netreo,  Inc.  commissioned  The  Tolly  Group 
in  August  2005  to  conduct  an  extensive 
hands-on  evaluation  of  the  company's 
OmniCenter™,  a  family  of  self-contained, 
fully  integrated  IT  monitoring,  alerting  and 
reporting  tools  that  provide  easy-to-deploy 
and,  ultimately,  cost-effective 
network  management. 

Tolly  Group  engineers  examining 
OmniCenter  found  that  the  offering  provides 
extensive  visibility  into  systems,  network 
components  and  applications  anchored  on 
an  enterprise  network.  OmniCenter  is  based 


and  simplicity  for  joining 
an  existing  enterprise 
network  and  configuring 
OmniCenter  to  collect  data 
from  network  resources. 


Sponsor:  Netreo,  Inc. 


mm 


Document  number:  205134 

Product  Class:  integrated  network  management  suite 


Device  configuration  itself 
required  just  about  15 
minutes,  and  configuring 
OmniCenter  to  monitor 
and  collect  data  for  a 
number  of  test  bed 
devices  required  about  two  hours. 
Obviously,  users  with  large  numbers  of 


Products  under  test 
®  OmniCenter 
Testing  window:  August  2005 
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OmniCenter,  by  contrast,  offers  near 
zero  administration.  OmniCenter  also 
cuts  down  drastically  on 
o  the  report  generation  that 
must  be  handled  by 
personnel,  automating  the 
process  instead.  All  of  this 
adds  up  to  significant  cost 
savings  and  rapid  R0I.  In 
short,  the  payback  time  for 
OmniCenter  is  just  a  few 
months,  versus  an  entire 
year  of  costs  created  by 
complex  management 
infrastructures. 
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[♦)  Most  Errored  Interfaces 


(♦)  Highest  Utilized  Interfaces 


upon  a  clientless  architecture  that  forgoes 
software  agents  in  favor  of  using  common 
protocols  to  collect  management  data.  This 
support  for  a  range  of  standards-based 
protocols  ensures  rapid  deployment, 
painless  integration  and  minimal 
administration  overhead. 

In  our  hands-on  assessment  during 
configuration  and  deployment,  we 
encountered  a  product  that  offers  flexibility 


devices  would  require  additional  time, 
although  OmniCenter's  support  for  device 
templates  will  help  reduce  installation  effort 

Many  network  management  tools  require 
extensive  time  and  expertise  to  make 
them  run  in  the  most  fundamental  way. 
Consequently,  users  often  must  deploy  a 
small  army  of  expensive  engineers  and 
administrators  dedicated  to  the  network 
management  tools. 


Beyond  costs,  users  need 
to  consider  the  soft 
benefits  of  the  OmniCenter 
service.  The  ability  of  the 
service  to  reduce  annual 
high  latency  minutes,  and 
reductions  in  downtime 
minutes,  equally  translate 
to  sizable  hard  dollar 
savings.  Users  need  to 
consider  the  simplicity  of 
OmniCenter  and  how  it  enables  cost 
savings  versus  complex  network 
management  infrastructures  and  the 
army  of  specialists  they  demand. 


View  the  full  white  paper  at: 

httpy/www.tolly.com/DocDetail.aspx?Doc 

Number=205129 


Level  5  Networks 

Etheifabric  Gigabit 

Ethernet  NIC  outperfomis 
conventional  Ethernet  for 

accelerated  application  performance 

Level  5  Networks,  Inc.  commissioned  The  Tolly  Group  to 
evaluate  its  EtherFabric  EF1-21022T,  a  dual-port  Gigabit 
Ethernet  (GbE)  network  interface  that  is  designed  to 
replace  a  traditional  GbE  interface  seamlessly  and 
accelerate  application  performance  by  speeding 
network  I/O  operations  and  improving  host  CPU 
efficiency  by  streamlining  network  processing. 


The  Tolly  Group  conducted  a  battery  of  three  tests  on  the 
EtherFabric  EF1-21022T  and  compared  its  performance 
against  two  leading  conventional  Ethernet  LAN-on- 
Motherboard  (LoM)  chipsets,  a  Broadcom  BCM  5721 
NetXtreme  Gigabit  Ethernet  Controller  chipset 
(integrated  in  an  IBM  eServer  xSeries  336)  and  an  Intel 
Corp.  82541  El  Gigabit  Ethernet  Controller  chipset 
(integrated  in  a  Dell  PowerEdge  1850  server). 

Tests  showed  conclusively  that  the  EtherFabric  EF1- 
21022T  enabled  a  molecular  dynamics  high 
performance  computer  simulation  application  called 
GROMACS  to  scale  significantly,  over  conventional 
Ethernet  EtherFabric  delivered  as  much  as  167%  more 
simulation  runs  per  day  (equal  to  419.17  thousands  of 
picoseconds  of  simulation  per  day)  than  the 
conventional  Ethernet  LoM  solution.  The  test  involved 
running  the  simulation  on  16  processors  connected 
using  both  Gigabit  ports  on  the  EtherFabric  NIC  bonded 
into  a  single  channel,  called  EtherFabric  striped-mode. 


Sponsor:  Level  5  Networks,  Inc. 

Document  number:  205125 

Product  Class:  PCI-based  Gigabit  Ethernet  NIC 

Products  under  test 

•EtherFabric  EF1-21022T 

•  Broadcom  BCM5721  NetXtreme 
Gigabit  Ethernet  Controller  chipset 

•  Intel  Corp.  82541  El  Gigabit  Ethernet  Controller 

//Testing  window:  June  2005 

For  more  info  on  this  test,  visit 

;  http://www.level5networks.com 


In  EtherFabric  striped  mode  with  only  eight  processes  active,  the 
EtherFabric  EF1-21022T  delivered  81%  more  simulation  time  per  day 
than  the  LoM  solution,  45%  more  with  four  processes  active  and  23% 
with  two  processes  active. 

Engineers  also  measured  the  latency  between  applications  and 
EtherFabric 's  ability  to  increase  the  available  bandwidth  using  the 
NetPerf  performance  tool.  Netperf  is  a  benchmark  that  provides 
tests  for  both  unidirectional  throughput  and  end-to-end  latency.  The 
EtherFabric  EF1-21022T  delivered  more  than  double  the 
unidirectional  TCP  throughput  when  tested  with  smaller,  more  taxing 
message  sizes  of  64  bytes,  in  single-port  mode  versus  both  an  Intel 

Scalability  Comparison  of  Level  5  Networks  EtherFabric 
versus  LAN-on-Motherboard 

GROMACS  Molecular  Simulation  over  SCALI MPI  8-node  Cluster  of 
dual  Xeon-based  Dell  PowerEdge  1850  Servers  populated  with 
Level  5  Networks  EtherFabric  NICs 


-  EtherFabric  -  Two  ports  in  striped  mode 

-  EtherFabric  -  Single  port 

-  LAN  on  motherboard 


82541  chipset  (residing  in  a  Dell  PowerEdge  1850)  and  Broadcom 
BCM5721  chipset  (embedded  in  an  IBM  eServer  xSeries  336).  The 
EtherFabric  EF1-21022T  delivered  up  to  33%  more  throughput  at  128- 
byte  message  sizes  in  single-port  mode. 

The  Tolly  Group  also  used  the  PingPong  test  of  the  PALLAS  PMBj 
MPI-1  benchmark  to  measure  the  one-way  latency  for  various] 
message  sizes.  The  EtherFabric  EF1-21022T  introduced  about  one- 
fourth  the  one-way  latency  of  the  LoM  technology,  fori 
0-byte  messages.  “ 

View  the  full  white  paper  at 

httpy/www.tolly.com/DocDetail.aspx?DocNumber=205125 
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e-mail  software,  last  week  expanded  its 
product  line  to  help  IT  maintain  that  grip 
even  as  employees  travel.  Good  Mobile 
Defense,  an  optional  add-on  is  scheduled 
for  release  in  January  for  the  company’s 
GoodLink  wireless  messaging  software,  lets 
administrators  control  five  key  aspects  of 
security  policy  over  the  air  (see  graphic), 
says  Dan  Rudolph,  director  of  product  man¬ 
agement  at  Good. 

The  product  is  based  on  SureWave 
Mobile  Defense,  which  Good  acquired  ear¬ 
lier  this  year  through  its  purchase  of  JP 
Mobile.  It  uses  the  GoodLink  messaging 
mechanism  to  reach  and  modify  devices  in 
the  field,  Rudolph  says. 

Tools  on  the  market  now  let  administra¬ 
tors  control  mobile  devices,  such  as  soft¬ 
ware  that  disables  the  digital  cameras  built 
into  phones.  But  the  IT  department  has  to 
get  the  device  into  its  hands  or  rely  on  the 
user  to  carry  out  changes,  according  to 
Rudolph. 

“One  of  the  shortcomings  in  the  past  has 
been  IT’s  inability  to  enforce  the  policies 


WIRED  WINDOWS 

Dave  Kearns 


When  Bill  Gates  and  Ray  Ozzie  rolled  out 
Windows  Live  and  Office  Live  a  couple  of 
weeks  ago,  they  didn’t  use  the  phrase  “Web 
2.0,”  but  they  did  appear  to  embrace  some 
of  what  that  phrase  embodies.  The  Live 
products  are  all  about  Web-based  services 
that  you  can  combine  (“mash,”  in  the  par¬ 
lance  of  Web  2.0)  and/or  build  to  create 
useful,  even  personalized,  applications 
and  output.  What  they  didn’t  mention, 
though,  is  the  same  dirty  little  secret  that 
most  Web  2.0  proponents  would  rather 
you  didn’t  think  about. 

That  skeleton  in  the  closet  is  what  one 
developer  termed  the  “drive-by  upgrade.” 
Writing  on  O’Reilly’s  Macintosh  weblog 
(www.networkworld.com,  DocFinder: 
9728),  Fraser  Speirs,  a  developer  from 
Scotland,  recounts  what  happened  to  his 
carefully  crafted  assemblage  of  information 
based  on  Google  maps.  Then  Google  “up¬ 
graded”  the  maps  service,  and  the  new  ver- 


on  handheld  devices 

Mobile  management 

A  sampling  of  Good  Mobile  Defense  capabilities: 

•  Advanced  password  management,  including  setting  and  resetting  passwords  for  devices  and  applications, 
as  well  as  forcing  employees  to  use  strong  passwords. 

•  Device  use  control,  such  as  blocking  access  to  Bluetooth,  Wi-Fi,  camera  or  synchronization  software. 

•  Application  lockdown,  in  which  IT  can  create  and  modify  a  "white  list"  of  programs  users  are  allowed 
to  download  and  run. 

•  Encryption  management,  application-specific  rules  about  which  types  of  data  on  the  device  have  to 
be  encrypted. 

•  Data  erasing,  for  setting  policies  on  what  actions  —  such  as  three  failed  password  attempts  — 
should  trigger  the  erasure  of  all  data  on  the  device. 


once  the  device  is  in  users’  hands,”  he  says. 
“It’s  been  incumbent  on  the  user  to  actual¬ 
ly  comply  with  and  download  the  policies 
that  IT  sets.” 

Good  Mobile  Defense  lets  administrators 
manage  passwords,  encryption  and  more. 

Industrial  Bank,  in  Washington,  D.C.,  earlier 
this  year  chose  GoodLink  to  give  execu¬ 


tives,  loan  officers  and  some  other  employ¬ 
ees  mobile  access  to  their  Microsoft  Ex¬ 
change  e-mail.  It  has  issued  Palm  Treo  650 
handhelds  from  Cingular  Wireless  to  25  em¬ 
ployees  so  far.  GoodLink  had  security  capa¬ 
bilities  that  Research  In  Motion’s  (RIM) 
BlackBerry  products  didn’t  have,  including 
See  Handheld,  page  28 


Skeleton  in  Web  app  closet 


sion  didn’t  interact  with  the  Mac’s  Safari 
browser  in  the  same  way,  so  Speirs  would 
need  to  redo  much  of  his  hard  work. 

Before  you  decide  to  roll  out  a  new  appli¬ 
cation  or  a  new  service  for  your  users,  you 
always  (I  hope)  test  it  in  the  lab  first.Then, 
depending  on  its  potential  for  mischief,  roll 
it  out  to  small  subsets  of  your  user  base, 
gradually  checking  along  the  way  that 
everything  is  working  correctly 

Even  after  all  that, should  a  potential  flaw 
be  discovered  it’s  relatively  easy  (if  time- 
consuming)  to  roll  back  the  upgrade  or 
even  reinstall  the  last-known  good  version 
of  the  application  or  service.  Google  wasn’t 
going  to  do  that  for  Speirs;  would  you  ex¬ 
pect  Microsoft  to  do  it  for  you? 

It’s  not  as  if  upgrades  to  Microsoft  appli¬ 
cations  and  services  go  smoothly  right?  Just 
about  every  Windows  upgrade  in  the  past 
five  years  has  broken  something.  Even 
changes  to  Microsoft  Office  applications 
can  cause  hardships  as,  for  example,  when 
a  new  format  in  Word  isn’t  recognized  by 
older  versions. 

While  Windows  Live  and  Office  Live  are 
targeted  at  home  users  and  tiny  businesses 
(those  with  fewer  than  10  employees),  the 


trend  has  always  been  for  users  to  clam¬ 
or  at  work  for  the  same  features  they 
have  at  home. 

It’s  not  too  early  to  be  active  with  warn¬ 
ings  to  your  users  about  the  hidden  pit- 
falls  of  Web-based  applications  that  are 
beyond  their  (and  your)  control. 
Creating  whiz-bang  output  is  only  good 
as  long  as  you  can  read  it.  Betamax  video 
and  eight-track  audio  also  were  once  the 
latest  technology. 

Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired 
@oquill.com. 


Tip  of  the  Week 


■  “From  the  start,  the  World  Wide  Web  has 
been  a  vessel  of  quasi-religious  longing."  So 
begins  Nick  Carr's  essay  on  Web  2.0 
(DocFinder:  9729).  It's  a  must  read  for 
technological  realists  who  have  to  battle 
daily  against  the  notion  that  computers  (and 
the  Web)  can  produce  miracles. 
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TURNED  AWAY 


AT  THE  GATE 


MICROSOFT.COM/SECURITY/IT 


Microsoft* 
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Find  tools  and  guidance  to  defend  your  network  at  microsoft.com/security/IT 


''  • 


Free  Tools  and  Updates:  Streamline  patch  management 
with  automated  tools  like  Windows  Server  Update  Services. 
And  verify  that  your  systems  are  configured  for  maximized 
security  with  Microsoft  Baseline  Security  Analyzer. 


■  '  .  r 

Antivirus  for  Exchange:  Download  a  free  trial  of  Antigen  for  : 
Exchange  and  arm  your  e-mail  server  with  powerful  multi-engine  • 
protection  from  viruses,  worms,  and  inappropriate  content.  '■;>$ 


Microsoft  Risk  Assessment  Tool:  Complete  this  free,  online 
self-assessment  to  evaluate  your  organization's  security 
practices  and  identify  areas  for  improvement. 


►  Learning  Paths  for  Security:  Take  advantage  of  in-depth  :  •  Mi 
oniine  training  tools  and  security  expert  webcasts  organized 
around  your  specific  needs.  Then  test  your  security  solutions 

in  virtual  lahc  all  available  rtn  TorhMot  ■■■.'■ 


in  virtual  labs,  all  available  on  TechNet. 
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c  ZOOS  Microsoft  Corporation  All  rights  reserved.  Microsoft.  Antigen,  and  Windows  Server  are  either 
registered  trademarks  or  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries 
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Atempo  adds  encryption  to  data  manager 


tempo's  security  and  compliance  module 

Software  lets  IT  use  templates  to  enforce  security  for  data  that  must  be 
protected  for  compliance  purposes. 


lime  Navigator  Security  &  Compliance  Manager  -  Version  4.U 


Catalog  Cgrtficatos  Security  lemplatei  &ulw  tMP 
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test 


*cm  ]$-*  tirwa 


Sarbanes  Oxley 


Network  Encryption  Algorithms:  3des 
Network Encryption  Hesh  Names:  shal 
Ffe  Encryption  Algorithms:  twofish 
Fie  Encryption  Hash  Names:  shal 

Minimum  Retention:  10  days 
Maximum  Retention:  none 


Certificate:  Maryfcse 


• — — ; — — — — — 

Start  Date:  Wednesday,  19  October,  2005 
Expretion  Date:  Thursday,  29  December,  2005 


In  this  window,  admin  has  set  the 
type  of  encryption  that  will  be  used 
for  Sarbanes-Oxley  data. 


Admin  has  specified  that  Marylise 
holds  the  certificate  for  the  data. 


if  'VWT* 


BY  DENI  CONNOR 

Atempo  last  week  introduced  software 
that  lets  customers  encrypt  data  on  storage 
devices  and  protect  it  from  tampering  and 
eavesdropping. 

The  new  Security  and  Compliance 
Manager  (SCM)  software  runs  on  top  of 
Atempo’s  existing  Time  Navigator  software 
and  provides  digital  signatures,  hierarchi¬ 
cal  key  management,  strong  encryption, 
hash  algorithms  and  detailed  reporting  to 
protect  data.  Time  Navigator  protects  and 
migrates  data  across  heterogeneous  envi¬ 
ronments  and  multiple  storage  architec¬ 
tures,  including  direct-attached,  network- 
attached  and  Fibre  Channel,  as  well  as  IP 
storage-area  networks. 

SCM  can  be  used  for  record  retention 
and  compliance  purposes  to  make  sure 
data  is  not  altered.  It  uses  Advanced 
Encryption  Standard  256  and  Triple-DES 
encryption. 

Maurice  Auger,  IT  manager  for  Data  Base 
File  Tech  Group  (DBFT),  a  storage-service 
provider  in  Victoria,  British  Columbia,  plans 
to  implement  SCM. 

“We  have  a  storage  back-up  and  archival 
system  we  sell  on  a  subscription  basis  to 
customers,”  Auger  says. “We  use  Time  Navi¬ 


gator  to  back  up  these  clients.  One  of  the 
challenges  is  these  customers  need  to  back 
up  more  securely,  whether  it’s  financial  or 
medical  data.” 

Auger  uses  the  Blowfish  encryption  in 
Time  Navigator.  With  SCM,  he  will  be  able 


to  offer  clients  a  variety  of  encryption 
methods. 

Time  Navigator  captures  and  catego¬ 
rizes  structured  database  and  unstruc¬ 
tured  e-mails  and  files  and  passes  them 
to  SCM,  which  encrypts  them. The  data  is 


then  backed  up,  and  when  necessary 
moved  from  more-expensive  primary 
storage  to  less-expensive  secondary  stor¬ 
age  or  tape  as  it  ages  and  is  accessed  less 
often. 

Time  Navigator  SCM  provides  templates 
for  the  Sarbanes-Oxley  Act,  the  Securities 
and  Exchange  Commission  17a,  the  Health 
Insurance  Portability  and  Accountability 
Act  and  other  regulations.  With  the  tem¬ 
plates,  organizations  also  can  set  retention 
and  deletion  policies. 

SCM  competes  with  appliances  from 
Decru  and  NeoScale,  which  sit  in  the  data 
path  and  like  SCM  intercept  data  as  it  is 
backed  up. 

It  is  one  of  the  first  back-up  products  to 
include  encryption.  Symantec,  for  exam¬ 
ple,  supports  encryption  in  NetBackup, 
whereas  EMC’s  Legato  Networker  does 
not. 

Time  Navigator  software  resides  on  a 
Windows,  Linux,  AIX,  HP-UX  or  SGI  Irix 
back-up  server  and  protects  all  these  envi¬ 
ronments,  as  well  as  Mac  OS  X,  NetWare 
and  VMS  servers.  Time  Navigator  SCM  is 
priced  by  the  number  of  servers  and  stor¬ 
age  nodes  protected.  It  starts  at  $7,500  for 
10  clients.* 


Handheld 

continued  from  page  25 

compliance  with  Federal  Information  Processing  Stan¬ 
dards,  says  Michael  Johnson,  the  banks  director  of  infor¬ 
mation  services. These  capabilities  helped  the  deployment 
plan  pass  a  rigorous  review  by  management,  he  says. 

Johnson  says  he  welcomes  Good  Mobile  Defense  for 
maintaining  central  control  of  the  remote  devices.  He  says 
he  wants  the  ability  to  lock  out  features  of  the Treos, enforce 
password  policies  and  delegate  specific  capabilities  to  em¬ 
ployees  based  on  their  roles.The  bank  delivered  the  Treos 
to  users  without  the  synchronization  cable  for  uploading 
content  and  applications  from  a  PC,  and  employees  don’t 
have  the  administrative  rights  to  load  the  Palm  Desktop  syn¬ 
chronization  software  on  their  PCs. 

Johnson  says  he  hopes  to  deploy  custom  loan-processing 
applications  to  the  Treo  650s.  Having  loan  applications  on 
handheld  devices  could  allow  loan  officers  to  cut  hours  or 
days  from  approval  time  or  even  approve  loans  while  at  the 
borrower’s  location,  he  says.  Industrial  is  a  relatively  small 
bank,  with  about  $300  million  in  assets  and  eight  branches 
in  Maryland  and  the  District  of  Columbia,  and  the  market 
for  loans  is  highly  competitive,  Johnson  says.“As  a  bank  that 
doesn't  have  the  resources  of, say, a  Bank  of  America,  we’ve 
got  to  use  every  advantage  we  can,”  he  says. 

Users  need  mobile  devices  with  e-mail  and  application 
access,  and  security  is  a  critical  concern, says  Kitty  Weldon, 
an  analyst  at  Current  Analysis. Once  handhelds  are  used  to 
access  corporate  databases  or  applications,  the  IT  depart¬ 
ment  will  want  to  own  and  control  them, she  says. 

Good  is  facing  tough  competition  from  RIM's  BlackBerry 
handhelds  and  its  BlackBerry  Connect  software  for  other 
vendors’  devices,  as  well  as  from  Microsoft  as  it  rolls  out 
Windows  Mobile  5.0.  Weldon  says.  RIM’s  system  is  quite 


secure  when  used  with  a  BlackBerry  but  Good  now  seems 
to  have  the  edge  over  Windows  Mobile  and  BlackBerry 
Connect, she  says  “If  there  is  room  for  a  third,  it’s  going  to  be 
Good, "Weldon  says. 

Existing  customers  of  Good  will  be  able  to  buy  Good 
Mobile  Defense  starting  in  January,  and  later,  users  will  be 
able  to  buy  it  on  a  monthly  basis  through  carrier  partners 
that  sell  Good’s  software,  Rudolph  says.  Prices  have  not 
been  set,  but  a  one-time  license  fee  should  be  less  than 
$100  per  user,  he  says.  Added  to  the  monthly  fee  for  a  carri¬ 
er’s  data  plan.  Good  Mobile  Defense  would  probably  cost 
between  $5  and  $7  per  user,  he  says.  Customers  who  don’t 
use  GoodLink  could  buy  the  Good  Mobile  Defense  but 
would  not  get  the  over-the-air  management  capability. 

Good  also  announced  last  week  that  it  will  preload 
McAfee  VirusScan  Mobile  in  the  Good  Management 
Console,  which  is  used  to  control  GoodLink.  IT  administra¬ 
tors  will  be  able  to  more  easily  push  the  anti-virus  software 
out  to  employees’  devices. The  McAfee  software  will  be 
available  in  a  trial  version,  and  companies  can  buy  full 
licenses  from  McAfee,  Rudolph  says.They  also  will  be  able 
to  set  policies  regarding  the  presence  of  the  anti-virus  soft¬ 
ware,  such  as  requiring  that  it  be  on  the  device  before  any 
other  software  is  loaded,  he  adds.* 


nww.com 

Wireless  blogger 

Let  Senior  Editor  John  Cox  keep  you  up  to  speed  on  wireless  nets. 
Recent  posts  highlighted  a  wireless  mesh  project  in  Michigan  and  a  pro¬ 
posed  law  for  wireless  hot-spot  security. 

Doc  Finder:  9733 


Linux  promoted 
for  mobile  phones 

BY  JOHN  COX 

A  new  vendor  group  plans  to  create  specs  for  Linux- 
based  phone  services. 

The  Linux  Phone  Standards  Forum  (LiPS)  will  outline 
APIs  and  Linux  systems  services  for  phones  running  the 
open  source  operating  system.  Programmers,  handset  mak¬ 
ers  and  network  operators  will  then  quickly  be  able  to  cre¬ 
ate  and  deploy  telephony  applications  for  Linux  devices, 
according  to  LiPS  members. 

“We  want  to  create  a  standard  Linux  implementation”  for 
phones,  says  Michel  Gien,  vice  president  of  the  LiPS  execu¬ 
tive  committee  and  executive  vice  president  of  corporate 
development  for  Jaluna.a  LiPS  founder. “Motorola  has  cre¬ 
ated  Linux  phones,  but  they  had  to  do  it  from  scratch.  A  stan¬ 
dardized  platform  makes  it  easier  to  create  these  products.” 

Founding  members  include  Arm,  France  Telecom/ 
Orange,  Open  Plug  and  PhlmSource. 

As  open  source,  Linux  is  an  attractive  alternative  to  pro¬ 
prietary  handset  platforms  from  Microsoft  and  Symbian, 
supporters  say.  Groups  such  as  the  Open  Mobile  Terminal 
Platform  Group  and  Open  Mobile  Alliance  have  been 
defining  a  range  of  low-level  functions  on  Linux  mobile 
phones,  such  as  fast  boot  times  and  power  management. 

But  Lil^S  will  focus  on  defining  high-level  interfaces  need¬ 
ed  to  create  and  interact  with  carrier-based  services,  Gien 
says.  The  group  plans  to  create  a  testing  and  certification 
process  and  to  have  its  first  specifications  for  basic  func¬ 
tions  and  interfaces  ready  in  early  2006.  Products  imple¬ 
menting  the  specs  should  appear  about  a  year  later.  ■ 
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Introducing  the  EtherScope™  Wireless  Network 
Assistant  -  designed  to  help  you  keep  your 
802.11a/b/g  network  secure  and  in  control. 

Does  everyone  on  your  wireless  network  have 
permission  to  be  there?  Are  all  your  access  points 
secured?  Fluke  Networks'  new  Wireless  EtherScope 
automatically  discovers  wireless  devices,  clearly 
identifying  those  that  are  unauthorized  and  unpro¬ 
tected  so  you  can  hunt  down  rogues  and  patch 
security  vulnerabilities.  Add  Gigabit  LAN  analysis 
to  your  EtherScope  to  troubleshoot  problems  on 
both  sides  of  the  access  point.  EtherScope  is  the 
only  portable,  handheld  analyzer  with  visibility 
into  wireless  and  wired  networks  so  you  can  solve 
problems  fast. 


Decide  for  yourself  whether  or  not  the 
EtherScope  Network  Assistant  will  be  your  next 
new  hire.  Go  to 

to  take  a  tour  of  the  virtual  demo,  request  an 
onsite  demo  on  your  network  and  get  your 
hands  on  our  free  Wireless  poster. 


EtherScope™  Wireless 
Network  Assistant 


NETWORKSUPERVISION™ 


Improving  network  security  and 
performance  is  rarely  as  simple 
as  plugging  in  a  box.  This  time  it  is. 

Spammers  and  hackers  are  gunning  for 
your  network.  Stop  them— and  bandwidth 
waste— -with  3Com's  TippingPoint™  Intrusion 
Prevention  System.  Named  Best  Security 
Solution  for  2005  by  SC  Magazine ,  our 
plug-and-play,  total-flow  inspection  at 
multi-Gigabit  speeds  ensures  that  the  only 
traffic  on  your  system  is  traffic  you  want 
there.  Learn  more  through  our  white  papers 
available  online  or  by  calling  1-888-TRUE  IPS. 


TippingPoint 


a  division  of  3Com 


v  tippingpoint.com/6etTheDetails 


"SC  A‘,»v*/’ne  awarded  T.pp.ngPomt  Intrusion  Prevention  System,  formerly  known  as  UnityOne.’"  Best  Security  Solution  tor  2005 
Copyright  C  2005  3Com  Corporation  All  rights  reserved  3Com  and  the  3Com  logo  are  registered  trademarks  of  3Com  Corporation 
All  other  company  and  product  names  may  be  trademarks  of  their  respective  companies 
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BMC  CTO  talks  IT  management 


BMC  Software  CTO  Tom  Bishop, 
formerly  CTO  of  Tivoli  Software, 
came  on  board  at  BMC  earlier  this 
year,  bringing  his  20  years  of  IT  man¬ 
agement  experience  to  help  BMC 
evolve  from  a  point-product  vendor 
to  an  IT  service  management 
provider.  Recently,  Bishop  spoke  with 
Network  World  Senior  Editor  Denise 
Dubie  about  his  plans  and  directions  for  the  company 

Tell  me  about  your  responsibilities  at  BMC. 

One  of  the  primary  responsibilities  I  have  is  helping  drive  a 
key  part  of  BMC’s  Business  Service  Management  strategy  the 
whole  integration  platform  called  Atrium.  I  am  currently 
involved  in  the  design  and  the  implementation  of  that  tech¬ 


nology  within  the  R&D  organization. 

Could  you  elaborate  a  bit  on  the  Atrium  platform? 

BMC  has  been  known  as  a  very  good  point-product  compa¬ 
ny  —  having  good  products  in  a  lot  of  different  areas  but  not 
having  made  a  significant  investment  in  integration  technolo¬ 
gy  in  the  past.  Certainly  not,  for  example,  in  the  way  that  peo¬ 
ple  historically  viewed  Tivoli.  What  we  have  been  doing  now 
for  a  couple  of  years  is  integrate  a  number  of  products  togeth¬ 
er  around  what  we  call  pillars.There  are  five  pillars  [in] 
Atrium.There  is  a  presentation  component,  which  consists  of 
the  dashboard  and  reporting  pillars.There  is  a  CMDB  [config¬ 
uration  management  database]  component,  which  is  speci¬ 
fied  by  IT1L  [Information Technology  Infrastructure  Library]. 
We’ve  got  a  service  model,  which  is  also  being  added  as  part 
of  the  CDMB.and  finally  we  are  embracing  Web  services  as  a 
core  component  of  the  Atrium  architecture.  All  these  form  the 

See  Bishop,  page  32 


Sniffer  gets  enterprise-scale  upgrade 


Short  Takes 


■  Computer  Associates  is  selling  its 
Ingres  database  technology  to  private 
equity  firm  Garnett  &  Helfrich  Capital, 
which  is  forming  a  new  company,  Ingres 
Corp.,  to  develop  and  market  the  open 
source  software.  The  financial  terms  of 
the  deal  were  not  disclosed.  CA  released 
Ingres  last  year  as  an  open  source  prod¬ 
uct,  reviving  interest  in  the  software. 
Databases  have  never  been  a  core  part  of 
CA's  portfolio;  CA  CEO  John  Swainson 
cast  the  Ingres  sale  as  part  of  a  larger 
effort  to  streamline  the  collection  of  appli¬ 
cations  CA  acquired  during  the  1990s,  one 
of  which  was  Ingres  (from  a  1994  buyout  of 
ASK/Ingres).  CA  retains  a  minority  owner¬ 
ship  stake  in  Ingres.  Garnett  &  Helfrich 
Capital,  headquartered  in  Menlo  Park, 
Calif.,  was  formed  last  year  and  has  a 
fund  of  $350  million  with  which  it  invests  in 
midsize  technology  spinoff  ventures. 

■  InfoVista  last  week  announced  a 
software  product  that  could  help  IT 
managers  plan  for  server  capacity. 
Vistalnsight  for  Servers  2.0  mea 

sures  the  utilization  of  a  company’s 
server  infrastructure.  It  also  groups 
servers  based  on  what  they  are  sup¬ 
porting  —  an  Oracle  database,  for 
example.  InfoVista  says  the  enhanced 
software  allows  IT  managers  to  get  a 
corporatewide  view  of  their  servers’ 
performance  in  supporting  business 
applications  and  services.  The  software 
also  provides  metrics,  such  as  server- 
and  application-response  time,  that 
reveal  how  well  a  company's  servers 
respond  to  demand.  Vistalnsight  for 
Servers  2.0  is  available;  prices  start  at 
$35,000  to  $40,000. 

■  Messaging  management  vendor  Lucid8 
this  month  will  release  continuous-data- 
protection  software  that  helps  protect  e- 
mail  stored  in  Microsoft  Exchange. 
DigiVault  is  disk-based  backup  designed 
to  help  end  users  prevent  data  loss  and 
to  aid  in  the  recovery  of  corrupt  mailbox¬ 
es  on  the  Exchange  server.  The  software 
includes  a  feature  called  SingleTouch, 
which  lets  users  recover  data  from  any 
point  in  time.  Initially,  DPM  backs  up  data 
only  on  Windows  file  servers  and  net¬ 
work-attached  storage  devices,  not  appli¬ 
cation-layer  data.  DigiVault  is  expected  to 
ship  by  year-end  and  is  priced  starting  at 
$695  for  25  mailboxes. 


BY  DENISE  DUBIE 

Network  General  last  week  detailed 
product  enhancements  that  will  make  it 
possible  to  centrally  manage  distributed 
copies  of  its  popular  Sniffer  protocol- 
analysis  tools. 

The  company,  which  McAfee  sold  to 
investors  for  $275  million  last  year  after 
acquiring  it  in  1997  for  $1.3  billion,  says 
the  enhancements  are  just  one  example 
of  efforts  underway  to  return  it  to  its  for¬ 
mer  glory. 

Investors  have  brought  in  new  manage¬ 
ment  —  company  President  Michael  Pope 
joined  in  March  —  and  have  ratcheted  up 
head  count  from  450  to  600.  Rope  says  that 
at  the  time  of  the  buyout  there  were  only 
four  people  in  support.  Now  there  are  40, 
and  R&D  has  climbed  from  130  to  more 
than  200  employees. About  $30  million  was 
spent  on  R&D  last  year,  and  about  that  same 
amount  will  be  spent  this  year. 

“We  have  invested  heavily  in  R&D  to  take 
our  protocol-analysis  and  troubleshooting 
expertise  to  a  higher  level  for  enterprise 
customers,”  Pope  says.  He  adds  that  the 
upgrades  will  send  competitors  such  as 
NetScout  scrambling,  because  Sniffer  “is  no 
longer  just  a  point  product.” 

Network  General  has  enhanced  multi¬ 
ple  products  in  its  Sniffer  portfolio,  as  well 
as  enabled  its  Distributed,  Portable  and 


InfiniStream  core  product  suites  to  better 
interoperate. 

Sniffer  Infinistream  2.5,  a  LAN  traffic¬ 
monitoring  and  packet-capture  tool,  has 
added  ATM  WAN  support.  With  the  prod¬ 
uct’s  4T-byte  storage  capacity,  network 
administrators  can  troubleshoot  prob¬ 
lems  on  a  range  of  links  by  replaying 
packets  captured  over  hours  or  days.The 
company  also  announced  the  i  120  appli¬ 
ance,  which  is  a  1U  device  designed  for 
network-edge  and  small  network  deploy¬ 
ments  that  can  capture  months  of  net¬ 
work  traffic  data  and  can  store  up  to 
300G  bytes  of  data.  The  il20  comple¬ 
ments  the  existing  i  1 620  appliance, 
which  has  4T  bytes  of  storage  and  comes 
in  three  models,  and  the  i420,  another 
packet-capture  appliance  that  comes 
with  IT  byte  of  storage. 

Sniffer  MultiSegment  Intelligence  is  a 
software  product  that  runs  on  top  of  other 
products  and  tracks  the  performance  of 
Web-based  applications  across  network, 
server  and  database  environments.  Net¬ 
work  General  says  the  product  targets 
environments  that  generate  HTTPS  and 
SQL  traffic,  such  as  Oracle,  IBM  DB2, 
MySQL  and  Microsoft  SQL  Server. 

Sniffer  Enterprise  Administrator  4.0 
makes  it  possible  to  collect  in  real  time 
and  store  data  from  as  many  as  100  dis¬ 


tributed  Sniffer  probes  loaded  with  soft¬ 
ware  agents.  The  software  comes  loaded 
on  a  Windows  XP  server  and  auto-discov- 
ers  Distributed  Sniffer  appliances,  and  also 
is  available  as  software  only 

The  products  are  scheduled  to  be  avail¬ 
able  next  month,  when  Network  General 
will  determine  pricing.The  company  plans 
to  share  the  news  with  more  than  100  cus¬ 
tomers  at  its  Sniffer  User  Summit  2005  this 
week  in  Miami. 

Jeff  Duke,  senior  network  engineer  for 
the  State  of  Indiana  in  Indianapolis,  is 
beta-testing  the  upgrade  of  the  Visualizer 
reporting  tool  to  support  25  distributed 
Sniffers  installed  at  key  points  of  the  net¬ 
work,  which  supports  30,000  end  users. 
Duke  also  uses  Sniffer  Portable  tools  for 
on-the-spot  troubleshooting  and  problem 
resolution.  Duke  says  Visualizer  4.0  is  a 
boon,  letting  him  collect  data  in  20  min¬ 
utes  where  it  used  to  take  24  hours. 

“We  use  Sniffer  to  troubleshoot  and 
diagnose  network-related  application- 
performance  problems,”  Duke  says.  “I’ve 
dealt  with  Sniffer  for  about  10  years  and 
when  they  made  it  possible  to  remotely 
manage  and  monitor  distributed  Sniffers 
and  report  on  the  traffic  there  —  instead 
of  lugging  a  laptop  out  and  hoping  to 
catch  the  problem  —  for  me,  it  was  the 
best  thing  since  sliced  bread.”® 
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Sony’s  anti-piracy  ‘khesterex  thath’ 


NET  INSIDER 


Scott  Bradner 

The  latest  entry  in  the  “all  my 
customers  are  thieves”  parade  is 
Sony  Music,  but  no  one  could  see 
the  company  marching  along. 
Sony  was  finally  discovered  in 
this  parade  when  a  researcher 
found  and  disabled  the  Romulan- 
or  Klingon-like  cloaking  system 
that  the  company  had  surrepti¬ 
tiously  installed  in  PCs  that  had 
been  used  legally  to  play  some 
Sony  music  CDs. 

The  discovery  raised  quite  a 
ruckus,  just  like  the  last  time  a 
music  company  tried  to  slip  in 
restrictions  on  the  buyer’s  ability 


to  use  a  product. You  would  think 
music  companies  would  learn  to 
just  be  clear  about  what  they  are 
doing. 

The  arrogance  of  companies 
that  secretly  install  software  when 
the  customer  uses  a  product  as  it 
is  intended  to  be  used  is  quite 
amazing.Such  companies  act  as  if 
the  only  use  of  the  customer’s  PC 
is  in  conjunction  with  their  prod¬ 
uct.  They  do  not  consider  what 
would  happen  if  all  vendors  in¬ 
stalled  their  own  special  software; 
the  user’s  PC  could  quickly 
become  unusable  because  of 
hundreds  of  programs  running  at 
the  same  time. 

But  the  situation  with  the  Sony 
system  is  a  particularly  bad  one. 
Not  only  does  Sony  sneak  soft¬ 
ware  onto  your  machine,  but  the 
software  could  be  used  to  hide  all 


sorts  of  malware.  With  this  demon¬ 
stration,  Sony  also  has  told  the 
bad  guys  how  to  make  their  evil 
adware  and  spyware  even  harder 
to  find  and  eliminate.  Internet 
researcher  Mark  Russinovich  has 
posted  a  detailed  description  of 
the  Sony  abomination  and  how  it 
works  (www.networkworld.com, 
DocFinder:9734). 

Even  worse,  hundreds  of  other 
companies  and  Internet  attackers 
could  decide  to  write  and  surrep¬ 
titiously  install  their  own  cloaking 
software  on  your  computer.  Each 
of  these  could  be  hiding  different 
sets  of  programs. 

Once  installed  (by  listening  to  a 
Sony  music  CD  on  your  PC),  the 
Sony  software  renders  invisible 
any  program  whose  name  begins 
with  $sys$.  That  is  a  very  useful 
function  if  you  are  in  the  business 


of  stealing  secrets  from  unsus¬ 
pecting  PC  users.You  can  render 
invisible  any  software,  big  or  small 
—  just  like  the  Klingon  cloaking 
device  of  “Star  Trek”  fame. 

Who  knew  that  Sony  was  a 
Klingon  front  company?  Well, 
come  to  think  of  it,  that  might 
explain  the  text  in  some  of  the 
instructions  I’ve  seen  from  them 
over  the  years.  Maybe  they  were 
partially  translated  from  Klingon. 

Sony  installing  any  software  on 
your  computer,  just  because  you 
want  to  listen  to  music  that  you 
legally  purchased,  is  a  bad  idea. 
But  not  making  it  clear  that  this  is 
the  bargain  the  user  has  agreed  to 
is  cheating.  It’s  a  case  of  a  compa¬ 
ny  not  having  the  guts  to  be 
upfront  about  the  bargain  so  a 
potential  purchaser  can  decide 
whether  he  wants  to  buy  a  prod¬ 


uct  that  requires  him  to  agree  with 
that  bargain. 

According  to  one  of  the  Klingon 
Web  sites,  there  is  an  old  saying 
that  goes:  “When  you  choose  to 
cheat  to  win  a  battle,  you  have 
already  lost."  I  expect  that  by  try¬ 
ing  to  hide  what  it  was  doing, 
Sony  has  managed  to  lose  a  battle 
it  might  otherwise  have  at  least 
fought  to  a  draw  —  a  “khesterex 
thath”  (Klingon  for  “screwed-up 
situation”)  indeed. 

Disclaimer:  As  far  as  I  can  find 
out,  Harvard  does  not  offer  a  class 
in  Klingon  (or  in  cloaking  soft¬ 
ware  or  devices),  so  the  above 
observation  must  be  mine. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com 


Bishop 

continued  from  page  31 

backbone  of  the  integration  strategy  that 
makes  BSM  real. 

Have  management  vendors  seen  a  demand 
from  customers  for  better  integration? 

There’s  a  pretty  clear  market  shift  within 
organizations  that  we  talk  to,  and  this  has 
been  true  for  some  time  now,  that  IT  orga¬ 
nizations  have  to  become  more  business- 
focused.  In  order  to  deliver  on  that  busi¬ 
ness  focus  or  to  make  it  easier  for  IT  orga¬ 
nizations  to  work  in  a  business  context, 
information  that  has  traditionally  been 
kept  in  disparate  places  and  managed  in 
very  disjointed  and  discrete  ways  now 
has  to  be  integrated  in  some  way. 

Probably  the  most  common  way  —  and 
the  approach  being  embraced  by  BMC  — 
is  around  a  core  set  of  IT  service-manage¬ 
ment  best  practices. 

Do  you  think  management  vendors  should 
take  on  the  onus  of  integration  for  cus¬ 
tomers? 

1  absolutely  do.  I  spend  a  fair  amount  of 
my  time  —  about  half  —  communicating 
externally  for  the  company,  and  a  lot  of 
that  time  is  spent  talking  with  customers. 
One  of  the  single  most  important  require¬ 
ments  we  hear  over  and  over  again  is 
that  customers  would  prefer  manage¬ 
ment  vendors  do  a  much  better  job  of 
integrating  their  products  than  they  have 
done  in  the  past.  It  will  make  it  easier  for 
the  c  ustomer  to  use  the  products  and  get 
value  more  quickly  without  a  lot  of  time 
and  effort  doing  integration. 

Aside  from  technology,  how  does  BMC  help 


customers  get  their  BSM  strategies  in  order? 

An  important  thing  for  us  is  to  capture 
the  best  practices  but  offer  the  solution 
in  such  a  way  that  customers  have  multi¬ 
ple  on-ramps.  Rather  than  saying, “here  is 
a  fully  integrated  IT  service  management 
solution  that  embraces  process  and  best 
practices,  buy  the  whole  thing,”  we  are 
offering  a  more  incremental  approach. 
There  isn’t  [just]  one  way  to  get  into  a 
more  service-oriented  IT  management 
approach.  BMC,  in  particular,  has  eight 
“routes  to  value.”  It’s  our  way  of  saying, 
“here’s  where  you  want  to  get  to,  but  you 
all  aren’t  starting  in  the  same  place.”The 
next  step  for  one  customer  could  be 
tacking  [on]  asset  management,  but  for 
another  it  could  be  incident  manage¬ 
ment.  What  we  tried  to  do  is  basically 
have  it  both  ways:  We  deliver  an  integrat¬ 
ed  solution  that  has  a  clear  road  map 
associated  with  the  steps  or  progression 
[that]  we  recommend  organizations  take, 
but  [we  try]  not  to  be  too  prescriptive 
with  that.  We  have  a  flexible  solution  that 
allows  you  to  start  in  several  different 
places  and  then  take  the  next  steps  as 
those  steps  are  appropriate  to  your  par¬ 
ticular  need  and  your  environment  — 
but  with  confidence  that  they  all  inte¬ 
grate. 

What  technologies  do  customers  most  request 
from  BMC? 

We  have  customers  coming  to  us  talking 
about  the  big  picture.  Because  of  the  bud¬ 
get  pressures  of  the  last  few  years,  IT 
departments  are  finding  they  have  to 
prove  the  business  relevance  of  what  they 
are  doing,  or  it  gets  outsourced.  I’ve  spoken 
with  customers  who  have  looked  at  every 
piece  of  IT,  and  if  they  couldn't  find  how  it 


helped  them  do  better  business,  they  cut  it 
or  outsourced  it. 

Any  technologies  rising  to  the  top  of  the  heap? 

The  two  top  themes  we  are  hearing  from 
customers  are  BSM  and  CMDB,with  iden¬ 
tity  management  probably  being  a  close 
third. Those  are  the  three  that  people  ask 
for  and  want  to  talk  about,  because  they 
are  either  concerned  or  scratching  their 
heads  about  them.  And  we  understand 
that  these  are  potentially  large  undertak¬ 
ings,  so  we  are  offering  ways  to  consume 
it  all  in  smaller,  bite-sized  chunks.  [A  new 
technology]  has  got  to  find  a  way  to  inte¬ 
grate  with  what  they  currently  have  and  it 
also  has  to  be  incremental  in  nature. 

How  does  BMC  tie  BSM  to  its  identity-manage¬ 
ment  products? 

Within  the  CMDB.all  the  various  IT 
processes  operate  against  a  consistent 
view  of  the  underlying  environment.  By 
tying  together  information  about  configu¬ 
ration  items,  associating  various  roles, 
responsibilities  and  administrator  access, 
and  associating  that  information  with  the 
configuration  items,  we  can  now  integrate 
identity  management  into  configuration 
and  asset  management  in  a  way  that  was 
hard  to  do  in  the  past. 

How  quickly  can  IT  managers  see  results  with  a 
BSM  rollout? 

It’s  an  evolutionary  process  that  takes 
time,  but  I  think  an  organization  should 
expect  to  start  to  see  results  within  three 
to  six  months  if  they  go  about  it  in  the 

correct  way. 

What  is  the  biggest  challenge  for  management 
vendors  to  evolve  their  products  to  meet  IT 


managers'  business-oriented  needs? 

The  industry  has  evolved.  I  would  say 
the  classic  four  vendors  —  BMC, 
Computer  Associates,  HP  and  IBM  Tivoli 
—  have  all  frankly  not  been  as  aggressive 
about  understanding  the  changes  that 
were  happening  in  IT  as  they  needed  to 
be.  All  of  us  have  been  waking  up  to  the 
realization  that  IT  needs  to  be  managed 
with  the  business.  It’s  a  challenge  for  us  to 
get  out  of  our  own  skin  that  we’ve  had  in 
the  past,  and  we’ve  got  to  help  people 
understand  that  we  are  a  different  kind  of 
company  ready  to  address  new  IT  man¬ 
agement  problems. 

Is  BMC  open  to  integrating  with  its  competi¬ 
tors? 

The  key  requirement  is  to  do  this  in  a 
way  that  is  truly  open.  We  can  begin  to 
integrate  with  third-party  products. We 
don’t  go  into  shops  where  they  don’t  have 
CA,  HP  or  IBM.  I’m  sure  they  see  BMC  in 
their  shops.  And  any  vendor  that  doesn’t 
have  a  mechanism  or  provide  within  their 
solution  or  architecture  the  ability  to  inte¬ 
grate  with  what  the  customer  already  has 
is  just  not  going  to  fly  Companies  have 
spent  tens  of  millions  of  dollars  on  these 
investments,  and  they  aren’t  going  to  walk 
away  from  them  lightly  ■ 


nww.com 

More  from  the  interview 

Head  online  to  hear  the  audio  from  the  entire  con¬ 
versation  with  BMC  CTO  Tom  Bishop. 

Dwcfinder:  9727 
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FOUNDRY  NETWORKS  GIVES  YOU  A  TRUE  VENDOR  AGNOSTIC  SOLUTION  THAT 

WORKS  WITH  THE  EQUIPMENT  YOU  CHOOSE  -  OR  ALREADY  HAVE.  SO  WHETHER 

YOU’RE  USING  AVAYA,  SIEMENS,  CISCO  OR  NORTEL,  FOUNDRY  NETWORKS  GIVES 
VOICE  TO  YOUR  NETWORK! 


Foundry’s  integrated  Power  over  Ethernet-  and  Quality  of  Service-based  switches  deliver  the  most  scalable,  secure  VoIP 
architecture,  with  the  lowest  latency  and  highest  performance  for  both  wired  and  wireless  IP  telephony.  Foundry  sup¬ 
ports  all  the  VoIP  features  you  need,  including  automatic  phone  discovery,  embedded  endpoint  security,  dynamic  L2-3 
QoS  support  and  wireless  mobility.  And  only  Foundry  lets  you  select  best-of-breed  or  low-cost  IP  phones,  conferencing, 
PBX,  and  voice/media  gateway  solutions  and  be  assured  of  full  compatibility. 
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Broadwing  beefs  up  managed  security 


BY  JIM  DUFFY 

Broadwing  this  week  plans  to  extend  its 
new  managed  security  portfolio  with  a  ser¬ 
vice  designed  to  mitigate  viruses  and  spam. 

The  services  are  premises-  and  network- 
based,  and  are  targeted  at  sites  ranging 
from  a  branch  office  to  a  large  headquar¬ 
ters  location. 

Last  week,  Broadwing  unveiled  a  premis- 
es-based  service  designed  to  provide  fire¬ 
wall  management,  intrusion  detection  and 
prevention,  and  enterprise  vulnerability 
management.  This  week,  the  company  is 
expected  to  roll  out  its  network-based  man¬ 
aged  spam  and  virus  protection  services, 
which  are  intended  to  monitor  and  filter  e- 
mail  content  for  spam  and  virus,  and  then 
“scrub”  those  messages  before  delivery  or 
redirect  them  to  an  e-mail  quarantine. 

This  service  is  based  on  technology  from 
MessageLabs. 

The  Broadwing  spam  and  virus  service  is 
a  supplement  to  a  customers  e-mail  server. 
The  customer  retains  ownership  and  con¬ 
trol  of  the  e-mail  server,  while  messages 
coming  in  through  the  Broadwing  network 
are  scrutinized  and  scrubbed. 

The  anti-virus  service  combines  Message- 
Labs’  proprietary  Skeptic  predictive  tech¬ 
nology  with  multiple  commercial  scanners 
to  identify  and  stop  existing  and  previously 
unknown  threats.  Skeptic  uses  artificial  in¬ 
telligence  and  learning  from  a  knowledge¬ 
base  of  e-mail  security  threats  to  identify 
viruses,  spam  and  pornography  without  the 


Short  Takes 


■  Like  Cingular  and  SBC  before  it, 
BellSouth  has  selected  Lucent  to 
provide  it  with  an  IP  Multimedia 
Subsystem  infrastructure  to  support 
residential  VoIP  in  BellSouth's  nine- 
state  region.  Under  the  multiyear 
agreement,  Lucent  will  help  build  out 
the  system  that  will  enable  VoIP  ser¬ 
ies  to  consumers  over  BellSouth 
FastAccess  DSL  Internet  service. 
Lucent  Worldwide  Services  will  pro- 
>  de  end-to-end  multivendor  network 
•.^gration  services,  including  net¬ 
work  and  security  design,  installa¬ 
tion  and  engineering,  and  program 
management. 


need  for  time-delayed  updates. 

The  Broadwing  virus  service  is  backed  by 
a  service-level  agreement  (SLA)  guarantee¬ 
ing  that  no  e-mail  viruses  or  malware  will 
reach  the  corporate  network. 

For  spam,  Broadwing  offers  no  SLA  guar¬ 
antees  even  though  MessageLabs  touts  a 
guaranteed  capture  rate  of  at  least  95%  and 
the  assurance  of  a  false  positive  commit¬ 
ment  of  0.0004%.  Broadwing  says  it  is  evalu¬ 
ating  which  spam  metrics  to  enforce. 

The  service  incorporates  textual  scan¬ 
ning,  lexical  analysis  and  attachment  con¬ 
trols  to  identify  and  control  confidential, 
malicious  or  inappropriate  content  in 
inbound  and  outbound  e-mail. The  service 
also  uses  image-composition  analysis  to 
identify  inappropriate  images. 

The  premises-based  service  offers  the 
entire  suite  of  Getronics’  managed  security 
services,  including  strong  authentication, 
intrusion  detection  and  prevention, identity 
theft  prevention,  security  reporting  and 
vulnerability  assessment.  Getronics  is  a  $3.6 


As  noted  in  previous  columns,  the  num¬ 
ber  of  “virtual  workers”  is  rising  dramatical¬ 
ly  Virtual  workers  are  those  whose  supervi¬ 
sor  and/or  peers  are  situated  in  a  different 
place. We’ve  documented  an  800%  increase 
in  the  number  of  virtual  workers  over  the 
past  five  years  —  for  very  tangible  reasons. 

Companies  that  engage  virtual  workers 
can  save  millions  of  dollars  on  facilities 
costs  by  locating  employees  in  less  expen¬ 
sive  suburban  areas  rather  than  high-cost 
metropolitan  areas,  and  personnel  by 
reducing  the  need  to  replace  or  move  work¬ 
ers.  And  they  see  greater  organizational 
agility  —  the  much-coveted  ability  to 
respond  quickly  and  effectively  to  changing 
business  conditions. 

Unfortunately,  when  it  comes  to  enabling 
virtual  workers,  the  courts  are  in  the  Dark 
Ages.  In  particular,  the  courts  seem  deter¬ 
mined  to  make  things  harder,  not  easier,  for 
one  class  of  virtual  workers:  telecommuters. 
The  U.S.  Supreme  Court  recently  decided 


billion  IT  services  company 

Broadwing  intends  to  bundle  Getronics’ 
security  services  with  its  telecom  services 
to  help  customers  secure  information 
assets  and  enhance  business  protection 
and  continuity  The  carrier  offers  guarantees 
of  15  minutes  for  incident  notification  and 
patches,  and  one  hour  for  change  controls. 

Pricing  for  this  service  is  based  on  the 
number  of  managed  appliances  and  the 
level  of  security  monitoring  required. 

Broadwing  also  is  developing  a  guaran¬ 
teed  distributed  denial  of  service  (DoS) 
mitigation  service  using  FeakFlow  equip¬ 
ment  from  Arbor  Networks.The  guarantees 
will  offer  SLAs  on  distributed  DoS  detection 
and  mitigation. 

Broadwing  joins  a  growing  roster  of  tele¬ 
com  carriers  entering  the  managed  securi¬ 
ty  service  market,  including  Verizon  and 
SBC.  The  worldwide  market  for  such  ser¬ 
vices  is  expected  to  grow  to  about  $4  bil¬ 
lion  in  2011  from  $925  million  in  2004, 
according  to  Frost  and  Sullivan.  ■ 


not  to  hear  an  appeal  by  a  Tennessee 
telecommuter  who  was  charged  New  York 
state  income  taxes.  A  New  York  state  appeals 
court  ruled  that  the  state  had  the  right  to  tax 
100%  of  an  employee’s  income  derived 
from  New  York  sources,  even  if  the  employ¬ 
ee  did  not  reside  in  New  York  and  spent  less 
than  25%  of  his  time  in  that  state. 

The  effect  is  to  potentially  increase  the  tax 
burden  of  telecommuters  whose  employ¬ 
ers  are  based  in  states  with  higher  income 
taxes,  thus  making  telecommuting  a  less- 
attractive  option  to  employees  and  making 
it  harder  for  employers  to  recruit  such 
employees.  For  example,  companies  creat¬ 
ing  “virtual  contact  centers"  leveraging  VoIP 
to  enable  contact  center  workers  to  work 
from  home  may  find  it  more  challenging  to 
build  out  such  centers.  Corporations  aren’t 
the  only  ones  who  lose  —  employees  who 
may  be  considering  telecommuting  as  a 
way  to  save  energy  costs  and  improve  work- 
life  balance  now  have  to  weigh  the  poten¬ 
tial  effect  of  a  tax  increase. 

This  is  nuts!  Just  when  companies  ought 
to  be  striving  to  make  telecommuting  more 
attractive  —  not  less  —  to  their  employees, 
the  courts  are  trying  to  throw  on  the 


The  drivers 

Managed  security  is  in  demand 
because  IT  staffs  need  to  deliver  new 
applications  while  wrestling  with: 

•  Constrained  budgets. 

•  Complex  existing  infrastructures. 

•  Regulatory  compliance  (such  as  Health  Insurance 
Portability  and  Accountability  Act,  Sarbanes-Oxley  Act). 

•  Constantly  changing  technology. 

•  Increased  security  threats. 

Certain  features  enable  managed 
service  providers  to  do  the  job  better 
and/or  more  cost  effectively: 

•  Ability  to  hire  security  expertise  (and  leverage 
across  customer  base). 

•  Ability  to  see  trends  emerge  across  a  wide 
customer  base. 

•  Ability  to  defend  certain  threats  better  from 
within  the  network. 


brakes.  So  what  can  forward-looking  com¬ 
panies  and  their  employees  do? 

IT  executives  should  review  their  tele¬ 
commuting  policies  in  light  of  potential 
employee  tax  liability  It’s  a  good  idea  to  en¬ 
gage  the  legal  and  human  resources  de¬ 
partments  to  ensure  you’re  fully  informed. 
One  stopgap  workaround  is  to  certify  that 
employees  who  work  at  home  are  doing  so 
for  the  company’s  benefit,  as  employees 
who  work  at  home  for  their  employers’ 
benefits  may  be  exempt  from  tax  increases. 

A  more  structural  solution  is  to  encourage 
Congress  to  enact  the  Telecommuter  Tax 
Fairness  Act  of  2005,  which  modifies  the  tax 
code  to  address  precisely  this  issue. The  act 
is  currently  in  committee  and  has  not  yet 
been  voted  on;  its  sponsors  include  a  bipar¬ 
tisan  roster  of  senators  and  representatives. 

And  ask  your  legislators  to  support  the 
Telework  Tax  Incentive  Bill  proposed  by 
Sen.  Rick  Santorum  (R-Pa.),  which  would 
provide  a  $500  tax  credit  for  teleworkers. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Taxing  telecommuting? 


NETWORK  MANAGEMENT  POWERFUL 
ENOUGH  TO  DO  EVERYTHING 

IS  TOO  COMPLEX  TO  DO  ANYTHING. 


Don’t  get  stuck  with  more  than  you’ll  ever  use  and  less  than  you  need. 
Ipswitch  Whatsllp®  Professional  is  designed  specifically  for  small-  and 
medium-sized  businesses.  So  you  get  essential  network  management 
without  high  administrative  costs  and  effort.  Featuring  comprehensive 
alerts,  automatic  device  mapping,  detailed  trend  reports  and  secure 
remote  access  -  it’s  a  smarter  solution,  instead  of  a  bigger  one. 


Ipswitch  Whatsllp  Professional. 
It  just  works. 
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You  need  a  darn  good  reason 
to  introduce  another  vendor 
into  your  network.  Here  are  four. 

Our  intelligent  overlay  network 
delivers  automated  core-to-edge 
security.  It’s  based  on  an  open 
architecture.  It  optimizes 
applications.  It  makes  VoIP  possible 
on  your  existing  infrastructure. 

And  that  is  just  the  beginning. 

3Com 

security 

VoIP 

wireless 

switching 

routing 

services 

v  3com.com/AdvanceTheNetwork _ J 


Copy*  ;t*  C  2005  3Com  Corporation  All  rights  reserved  3Com  and  the  3Com  logo  are  registered  trademarks  ol  3Com  Corporation 
All  other  con,  any  and  product  names  may  be  trademarks  of  their  respective  companies 


11.14.05  •  www.networkworld.com  •  37 


TECHNOLPfiY  UPDATE 

AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 

Cognitive  radio  enhances  WLANs 


HOW  IT  WORKS:  Cognitive  radio  for  WLANs 

Implemented  in  the  access  point,  cognitive  radio  continually  scans  both  wireless  LAN  frequency  bands,  providing  a 
comprehensive,  up-to-date  understanding  of  the  RF  environment. 


I  Identifies  interferers 


802.11b/g 
2.4  GHz 


802.11a 
5  GHz 


it  |  |  o  unt  | 


802.1 1b/g 
2.4  GHz 


/ - 7a 

) 

Microwave 

ovens 


Cordless 

phones 


802.11b/g  802.11a 

2.4  Cb  •Jf  5  GHz 


WLAN  access  point  with 
cognitive  radio 


B  Identifies  rogue  access  points  and 
wireless  intruders 

802.11b/g 
2.4  GHz 


Intruder 


Q  Upon  initial  deployment  of  the  access  point,  the  cognitive  radio  performs  a  full  scan  of  the  RF  environment  detecting  both  802.11  and  non-802.11  interference. 
The  access  point  selects  the  WLAN  channels  with  the  least  interference  to  maximize  performance. 

B  Continual  scanning  of  all  WLAN  access  channels  in  both  frequency  bands  enables  the  system  to  identify  rogue  access  points  and  wireless  intruders  so  policy- 
based  action  may  be  taken  quickly. 


BY  NESTOR  FESAS  AND  BOB  MAYER 

The  explosive  growth  of  wireless  tech¬ 
nologies  has  created  managerial  chal¬ 
lenges  for  those  who  oversee  wireless  net¬ 
works.  With  wireless  intrusion  threatening 
security  and  radio  frequency  interference 
impeding  performance,  IT  managers  need 
an  up-to-date,  detailed  understanding  of  the 
RF  environment  to  make  informed  deci¬ 
sions  about  how  to  solve  these  problems. 

Cognitive  radio  technology  enables  a 
radio  device  and  its  antenna  to  sense  its  RF 
environment  and  adapt  its  spectrum  use  as 
needed  to  avoid  interference.  Integrated 
software  and  silicon  solutions  enable  cog¬ 
nitive  radio  to  be  built  into  enterprise-class 
wireless  LAN  (WLAN)  access  points  to 
boost  security  and  optimize  performance. 
Access  points  with  this  feature  are  expect¬ 
ed  to  be  available  next  year. 

Wireless  intrusion  occurs  when  unautho¬ 
rized  WLAN  users  gain  access  to  a  secured 
network.  Causes  include  hackers  creating 
ad  hoc  networks  with  WLAN  clients  or  a 
rogue  access  point  connected  to  a  wired 
network  without  proper  security  levels.  In 
either  case,  the  keys  to  prevention  are 
quick  identification,  containment  and  de¬ 
fensive  action. 

The  first  step  in  preventing  wireless  intru¬ 
sion  is  identifying  the  intrusion  point.  Be¬ 
cause  WLANs  are  fixed  to  a  specific  WLAN 
channel  during  operation,  they  cannot 
simultaneously  detect  intrusion  points  on 
other  WLAN  channels.  Relying  on  a  single¬ 
radio  access  point  to  provide  access  and 
security  is  insufficient.  Network  managers 
must  be  able  to  monitor  the  full  WLAN  fre¬ 
quency  range  to  be  able  to  reliably  detect 


and  identify  intrusion  points. 

Cognitive  radio  for  WLANs  provides  a 
means  to  observe  the  RF  environment  in 
the  2.4-GHz  and  5-GHz  frequency  bands 
within  which  IEEE  802.11  WLANs  operate 
without  disrupting  normal  wireless  VoIP 
and  data  traffic.  Continuous  scanning  of 
both  bands  for  802.11  and  non-802.11 
devices  allows  for  timely  detection  of 
intmders. 

With  detailed  information  from  multiple 
cognitive  radios  within  a  WLAN,  administra¬ 
tors  can  take  preventive  action. 

Cognitive  radio  can  detect  non-802.1 1  de¬ 
vices.  This  is  important  because  interfer¬ 
ence,  regardless  of  source,  lowers  effective 


data  throughput  and  overall  network  per¬ 
formance.  IEEE  802.1 1-based  WLANs  oper¬ 
ate  within  the  unlicensed  radio  spectrums 
around  2.4GHz  (802.11b  and  802.1  lg)  and 
5GHz  (802. 1  la).  Other  wireless  connectivi¬ 
ty  standards,  such  as  Bluetooth  and  Home- 
RF  operate  in  the  same  unlicensed  radio 
spectrums.  Microwave  ovens,  cordless 
phones  and  industrial  equipment  can  gen¬ 
erate  noise  in  these  bands. 

This  technology  allows  a  network  to 
detect,  identify  and  avoid  these  noise 
sources.  Proactive  behavior  allows  a  net¬ 
work  to  be  established  on  clearer  channels 
during  initial  deployment.  Ongoing  moni¬ 
toring  allows  network  administrators  to 


take  rapid  corrective  action  against  RF 
noise.This  affords  the  optimal  network  per¬ 
formance  that  W1AN  users  expect. 

Integrated  software  and  silicon  solutions 
enable  access  points  to  be  developed  to 
provide  simultaneous  WLAN  access  in  the 
2.4-GHz  and  5-GHz  bands  while  providing 
integrated  cognitive  radio  functionality  that 
ensures  security  and  performance  for 
enterprise  wireless  networks. 

Fesas  is  vice  president  of  systems  engi¬ 
neering,  and  Mayer  is  vice  president  of  mar¬ 
keting  for  Bandspeed.  They  can  be  reached 
at  nfesas@bandspeed.com  and  bmayer@ 
bandspeed.com. 


Ask  Dn  Internet  By  Steve  Blass 


I’ve  worked  with  some  basic  Web  tools  and  have 
experimented  with  Resource  Description 
Framework  and  want  to  build  a  metadata  re¬ 
pository  to  manage  a  collection  of  Web-based 
and  physical  resources.  Is  there  a  reasonably 
easy,  open  source  metadata  repository  soft¬ 
ware  we  could  try? 

Try  Repository  in  a  Box  (http://id.cs.utk.edu),  which 
runs  under  Linux  and  Windows  versions  of  Apache 
Tomcat  using  MySQL  for  data  storage.  It  provides  a  full- 
featured  repository  management  system  that  automati¬ 


cally  publishes  a  browser-capable  and  searchable  cata¬ 
log.  Repository  in  a  Box  uses  the  Basic  Interoperability 
Data  Model  IEEE  standard  for  encoding  metadata  but 
does  not  publish  RDF  data  directly. 

The  Fedora  (not  to  be  confused  with  Red  Flat  Fedora) 
general-purpose  repository  system  developed  jointly  by 
Cornell  University  Information  Science  and  the 
University  of  Virginia  Library  provides  open  source 
repository  software  and  related  services  to  serve  as  the 
foundation  for  many  types  of  information  management 
systems.  Fedora  is  available  from  www.fedora.info  and 


includes  the  McKoi  Java  database  in  the  distribution,  so 
it  can  be  installed  and  used  without  a  stand-alone  SQL 
database  implementation.  While  Fedora  is  based  on  Web 
service  protocols  and  can  be  used  to  publish  RDF  data 
readable  by  tools  such  as  the  PiggyBank  semantic 
browser  plug-in  for  Firefox,  Repository  in  a  Box  is  slight¬ 
ly  easier  to  install  and  can  be  used  right  away. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@changeat 
work.com. 
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Fun  with  an  online  photo  gallery 


It  was  a  simple  enough  require¬ 
ment:  We  wanted  to  put  photographs 
of  our  sons  football  games  online  so 
parents  and  supporters  of  the  team 
could  buy  prints,  with  the  profits 
going  into  the  teams  coffers. 

The  constraints  were  that  the  sys¬ 
tem  would  have  to  look  good  and  be 
easy  to  use  when  implemented, work 
on  most  peoples  computers  and  be 
easy  to  manage.  This  last  issue  was 
crucial  because  as  we  have,  after 
weeding  out  the  duds,  around  150 
photos  per  game  (ah,  the  wonder  of  digital  cameras)  and 
we’re  up  to  our  eighth  game  (we’re  eight  for  eight!),  man¬ 
agement  for  around  1,000  photos  is  pretty  important. 

We  decided  to  look  for  a  Flash-based  system  because 
something  around  98%  of  users  have  Flash  installed.  We 
first  found  a  couple  that  looked  promising,  but  they  were 
too  expensive, at  more  than  $200,  and  not  flexible  enough. 

We  finally  discovered  Darren’s  $5  Script  Archive 
(www.tufat.com),  which  has  a  section  devoted  to  Flash 
Image  Galleries.These  scripts  are, indeed, $5  each, and  they 
are  really  pretty  good. 

We  purchased  and  fooled  around  with  a  number  of  these 
galleries  and  decided  the  one  that  looked  the  nicest  and 
had  the  best  interface  was  Fast  Gallery  2.2  (www.network 
world.com,  DocFinder:  9730).  The  gallery  has  thumbnails 
that  can  be  different  from  the  picture  shown  in  the  main 


window. You  can  zoom  in  and  out  of  the  main  window  and 
drag  the  zoomed  contents  around,  and  if  you  click  on  the 
main  window,  the  full-resolution  picture  is  loaded  into  a 
pop-up.  Finally  you  can  print  the  picture,  disable  any  or  all  of 
the  controls  and  change  the  colors  used  as  well  as  the  lay¬ 
out  —  four  layout  versions  are  included. 

Then  we  had  an  “ah-ha”  moment,  as  in  “oh  rats."  The  rea¬ 
son  for  this  was  that  the  configuration  file  for  the  gallery  is 

RealBasic  will  generate 
applications  that  work 
consistently  on  Windows, 
Macintosh  and  Linux! 

an  XML  file  that  lists  all  of  the  images  to  be  displayed.  For 
each  photo  the  XML  data  looks  like  this: 

cimage  thumb=“thumbsdir/image2-thumb.jpg”>image 
dir/image2.jpg</image> 

<captiontext>image  2  text</captiontext> 

<imageurl  popupwidth=“460”  popupheight=“425”>big 
imagedir/image2.jpg</imageurl> 

You  can  use  the  same  file  for  the  thumbnail,  the  large- 
scaled  image  and  the  pop-up  image,  but  remember  we 
have  around  1,000  photos  to  deal  with,  so  this  would  be  a 
lot  of  work  to  create  by  hand.  Obviously,  a  bit  of  program¬ 
ming  was  in  order, and  this  was  a  fine  time  to  test  a  product 
we’ve  been  meaning  to  write  about  for  a  few  months: 


RealBasic  from  Real  Software. 

RealBasic  is  an  outstanding  version  of  the  BASIC  lan¬ 
guage.  It  consists  of  an  integrated  development  environ¬ 
ment  that  supports  the  creation  of  application  user  inter¬ 
faces  by  dragging  and  dropping  components  onto  a  win¬ 
dow.  RealBasic  includes  more  than  40  user  interface  con¬ 
trols,  such  as  buttons,  fields, sliders  and  progress  bars. 

There  also  is  a  code  editor, so  that  you  can  attach  code  to 
events,  and  there  is  support  for  SSL  and  database  server 
connectors  (Oracle,  SQL  Server,  FileMaker  Server  and 
MySQL  are  included). 

Most  impressively  RealBasic  will  generate  applications 
that  work  consistently  on  Windows,  Macintosh  and  Linux! 

We  started  building  an  application,  and  RealBasic  is  easy 
to  use  . . .  until  you  get  ambitious.  We  coded  a  program  that 
allows  you  to  select  a  subdirectory,  builds  an  array  of  file¬ 
names  and  then  substitutes  the  filenames  in  the  XML  text. 

Then  we  got  ambitious.  Because  dealing  with  even  200 
files  takes  a  while,  we  added  a  report  on  the  files  to  be 
processed  and  included  a  progress  bar.  Then  we  tried  to 
add  an  editor  to  allow  you  to  set  the  various  display  con¬ 
figuration  parameters  and  an  image  viewer  so  you  could 
view  and  omit  photos  you  didn’t  like.The  configuration  edi¬ 
tor  was  easy  but  we  got  hung  up  figuring  out  how  the 
image-display  component  works,  and  we  ran  out  of  time. 

More  next  week.  In  the  meantime,  code  a  comment  to  gear 
head@gibbs.com.  Oh  yeah,  don’t  forget  Gibbsblog  (www. 
networkworld.com/community/7q-gibbsblog). 
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*“  ’  CoolTools 

^  Quick  takes  on  high-tech  toys.  Keith  Shaw 

The  scoop:  DS360  CD/DVD  Shredder,  about  $120,  from  Primera 
Technology 

What  it  is:  More  than  a  paper  shredder,  the  DS360  offers  a  quick 
and  easy  way  for  IT  departments  to  destroy  CDs  or  DVDs  that  may  include  out¬ 
dated  yet  still  sensitive  data.  In  addition  to  crunching  CDs  and  DVDs,  it  can  tear  up 
credit  cards  and  folded  paper.  Remains  of  your  destructive  efforts  end  up  in  a  plas¬ 
tic  bin  that  you  can  then  easily  dump  into  a  trash  bin. 

Why  it’s  cool:  Watching  and  hearing  a  CD  or  DVD  get  run  through  a  shredder  is 
fun  when  you’re  bored  in  the  office.  More  seriously  what  is  cooler 
than  knowing  that  the  data  you  had  been  storing  is  now  com¬ 
pletely  safe  from  the  prying  eyes  of  corporate  spies  and  dump¬ 
ster  divers?  Even  better,  the  small  disc  shreds  that  remain  are 
quite  sharp, so  you  can  throw  them  in  the  trash  to  deter  anyone 
looking  for  secret  information. You  can  see  how  much  fun  we 
had  with  the  shredder  at  www.networkworld.com/video. 

Grade:  ★★★★(out  of  five) 


Primera’s  DS360 
shredder  easily 
turns  DVDs  and 
CDs  into  waste. 


The  scoop:  Z-5450  Digital  5.1  Speaker  System,  between  $350 
and  $500,  from  Logitech 

What  it  is:  The  Z-5450  is  a  high-end  speaker  system  that  includes  a 
left,  center,  right,  subwoofer  and  two  rear  speakers,  as  well  as  a  con¬ 
troller  that  governs  the  multiple  audio  source  inputs  available. The 
dual-chamber  subwoofer  produces  116  watts  of  power  and  the 
satellites  produce  1 19  watts.so  you  won’t  have  timid  sound  coming  from  this  system. 
In  addition, the  two  rear  speakers  are  controlled  wirelessly, so  you  don’t  have  to  figure 
■  >m  how  to  hide  the  speaker  wire  for  these  two  components  (you  just  need  to  place 
them  near  a  power  outlet). 


Why  it’s  cool:  The  wireless  rear  speak¬ 
ers  were  cool,  and  so  was  the  ability  to 
put  multiple  audio  source  connections 
through  the  system.  Similar  to  displays 
that  accept  multiple  video  source 
feeds,  the  Z-5450  now  allows  for 
three  stereo  sources  (such  as  CD 
player  or  iFbd),  as  well  as  systems 
that  support  digital  optical  con¬ 
nections  or  digital  coaxial  con¬ 
nections  (one  coaxial  and  two 
optical  ports  are  on  the  con¬ 
troller).  A  PlayStation  2  can  be 
connected  to  the  speaker  system 
through  a  digital  optical  connection  for 
surround  sound  in  video  games. 

The  system  includes  a  Dolby  Pro 
Logic  II  decoder,  which  gives  surround- 
sound  features  through  a  normal  stereo 
connection.  I  connected  my  iPod  to  one  of  the  stereo  connections,  and  then 
changed  to  the  Dolby  II  Music  option  on  the  controller  —  suddenly,  1  was  listening 
to  music  through  the  five  speakers  and  subwoofer. 

Speaking  of  the  subwoofer,  the  dual-chamber  technology  produced  some  very 
loud  bass  and  low  sounds, so  be  warned  that  your  wife  may  yell  at  you  to  turn  it  down 
should  you  be  playing  one  of  those  movies  with  a  lot  of  explosions  and  the  like. 

If  you  have  a  flexible  home  theater  set  up  with  multiple  video  sources,  treat  your¬ 
self  to  a  system  that  will  be  able  to  support  multiple  audio  inputs  as  well. 

Grade:  ★★★★★ 

Shaw  can  be  reached  at  kshaw@nww.  com.  Don  t  forget  to  check  out  this  year's  Cool 
1 hie  Tools  gift  guide,  starting  on  page  62. 


Logitech’s  subwoofer  screams  out  116 
watts  of  power,  making  this  system  any¬ 
thing  but  timid. 
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Take  cost  out  of  your  business  and  increase 


No  matter  where  you  do  business. 


The  Brother  Advantage 

^  Comprehensive  selection 
^  Increased  productivity 
Lower  acquisition  costs 
^  Reduced  consumable  costs 
>■  24/7/365  support  and  service 
^  Free  evaluation  program 
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Brother  Printer,  Fax  and  Multi-Function  Center®  models  - 
designed  to  increase  productivity  while  decreasing  overhead. 

Considering  that  over  94%  of  Fortune  1000  company  employees  work  outside 
corporate  headquarters*,  equipping  them  with  a  cost-effective  solution  is,  to 
say  the  least,  a  major  challenge. 


That's  why  Brother's  Commercial  Division  is  committed  to  providing  superior 
and  reliable  imaging  solutions  that  increase  productivity  while  reducing  costs. 
This  enables  businesses  like  yours  to  effectively  address  critical  organizational 
goals  and  challenges. 


Mobile  Printing  Solutions  Labeling  Solutions 


But  it  is  our  product  reliability,  coupled  with  a  responsive  nationwide  support 
and  service  network,  that  has  companies  like  yours  putting  Brother  at  the  top 
of  their  requisition  lists. 


Desktop  Laser  Solutions 


Color  Laser  Solutions 


Network  Printer  Solutions 


Multi-Function  Solutions 


Fax  Solutions 


Brother's  Commercial  Division  welcomes  the  opportunity  to  put  our  resources 
to  work  for  you.  Contact  us  today  so  we  can  show  you  how  we  can  positively 
impact  your  bottom  line  while  enhancing  your  performance. 

For  more  information,  call  1-866-455-7713. 

*Purchase  Influence  in  Larger  American  Businesses  ( Erdos  &  Morgan,  2001). 


©  2005  Brother  International  Corporation,  Bridgewater,  NJ  •  Brother  Industries  Ltd.,  Nagoya,  Japan 

For  more  information  visit  our  Web  site  at  www.brother.com 
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Each  week  Network  World  delivers  an 
extensive  line-up  of  product,  service  and 
industry  news,  analysis,  case  studies,  buyer's 
guides,  expert  opinion  and  management 
advice  that  Network  IT  Executives  rely  on 
to  get  their  job  done. 

Your  FREE  subscription 
will  include ... 

•  New  product  information  and  reviews  that  break 
through  vendor  hype  and  put  you  in  control  of  your 
technology  purchases 

•  Implementation  strategies  and  security  tips  and  tricks 
that  you  can  use  to  improve  your  infrastructure  and 
boost  your  company's  competitive  standing 

•  Tried-and-true  management  strategies  to  help  you 
boost  your  network  career 

•  An  insider's  view  on  how  your  competitors  are  using 
new  technology  to  their  business  advantage 


Plus  our  Special  Signature  Series 
Issues — Each  Signature  Series  issue  provides  insights, 
opinions  and  information  on  an  important  aspect  of  the 
industry  to  give  you  the  clearest  picture  of  the  current 
trends  and  trendsetters  in  the  Network  IT  market. 


To  subscribe  visit: 

apply.nww.com/free05 


Network  World,  Inc.,  118  Turnpike  Road,  Southborough,  MA  01772  (508)460-3333 
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An  exclusive  survey  reveals  that  the 
burgeoning  ranks  of  remote  employees 
working  the  Web  are  taking  a  toll  on 
application  performance.  Now  businesses 
are  battling  back  with  strategies  to 
boost  performance  and  turbocharge 
productivity. 
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Up  and  Running  A-2 

Financial  firm  gets  the  most  from  its 
WAN  with  F5  technology. 

Order  from  Chaos  A-4 

Productivity  receives  a  jump-start  with 
Juniper’s  acceleration  platforms. 

Mining  Success  A-6 

Arch  Coal  unearths  big  savings  with 
Racketeer  solutions. 

Peak  Performance  A-8 

Riverbed  returns  huge  verdict  of 
savings  to  law  firm. 

Optimizing  Your  Business  A-  i  0 


Radware  puts  the  “smarts”  in  networks 
and  application  delivery. 


Productivity  Engine 

Orbital  Data  helps  user  boost 
performance  without  adding  IT  staff. 
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Supercharging  Application  Performance  A- 1 2 

Akamai’s  Warren  Ross  on 
WAN  optimization. 

Cure  for  Slow  Performance  A- 1 4 

Citrix  NetScaler  proves  the  right 
medicine  for  healthcare  provider. 

Power  Up  the  Users  A- 1 6 

Why  some  of  the  biggest  names  in 
business  are  turning  to  Expand  Networks. 
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As  Web  applications 
and  demands  of 
remote  workers 
slam  performance, 
users  fight  back  to 
optimize  the  WAN 
and  reinvigorate 
productivity. 


John  Marquart  has  a  goal: 

to  offer  more  than  1,500  users  remote 
access  to  a  dozen  applications  running  simul¬ 
taneously  over  the  wide  area.  His  only  obsta¬ 
cle  is  the  unpredictable  nature  of  the 
Internet. 

“Our  biggest  challenge  is  providing  reliable 
and  predictable  performance  of  applications 
for  our  users,”  says  Marquart,  director  of 
infrastructure  at  Keystone  Foods  LLC  in 
Conshohocken,  Pa. 

It’s  a  challenge  shared  by  many  of  his  peers, 
as  evidenced  by  a  new  research  study  by 
Research  Concepts  LLC,  Berlin,  Mass.,  titled 


“Optimizing  Application  Performance  on  the 
WAN.”  A  majority  of  the  198  IT  respondents 
say  they  offer  access  to  applications  over  the 
WAN,  and  30  percent  say  they  have  experi¬ 
enced  an  increase  in  performance  problems 
with  those  applications  during  the  past  12 
months. 

The  result  of  this  degradation  in  perform¬ 
ance,  according  to  the  study,  is  a  significant 
(8  out  of  10  respondents)  loss  of  individual 
employee  productivity,  and  25  percent  even 
saw  a  decline  in  revenue-producing  activities. 
This  has  left  them  searching  for  alternatives 
to  improve  the  wide-area  performance 


of  their  critical  applications. 

Marquart  knows  this  firsthand.  Initial 
attempts  at  providing  WAN  application  access 
were  difficult.  He  supports  remote  access  from 
30  sites  that  each  have  full  T- 1  access.  Users 
can  access  business-critical  applications  such  as 
enterprise  resource  planning  (ERP),  Oracle 
financial  databases,  and  voice  over  IP  (VoIP). 
“Every  month,  we  add  another  couple  of  appli¬ 
cations  to  the  wide-area  network,”  he  says. 

Early  on,  Marquart  experienced  problems. 
As  more  applications  were  loaded  onto  the 
network,  they  began  to  fight  for  bandwidth, 
and  users  started  to  notice.  Web  forms  were 


F5  solutions  add  intelligence  to  your  network  and 
productivity  to  your  workforce. 

Running — Fast 


of  traffic,  remote  access  demands,  advanced 
applications,  and  security  issues  can  put  a  strain 
rind  application  performance  to  a  halt.  Down  goes 
your  productivity,  employee  moral,  the  ability  to  service  your  customers  ... 
your  revenue  gains. 

F5  Networks  Inc.  is  the  leading  provider  of  Application  Delivery 
Networking  (ADN).  ADN  doesn’t  throw  a  single  answer  like  “More  band¬ 
width!”  at  the  problem.  It’s  a  system  of  integrated  solutions  that  ensures 
applications  running  over  the  network — LAN  or  WAN — are  always  secure, 
fast,  and  available.  Since  you  rely  on  your  applications — in  the  office,  at  home, 
on  the  road — it  is  essential  that  they  are  delivered  securely  and  quickly, 
regardless  of  your  location.  By  adding  intelligence  and  manageability  to  the 
network  just  where  you  need  it,  and  offloading  applications,  F5  solutions 
allow  applications  to  do  what  they’re  designed  to  do:  perform. 

For  example,  F5’s  WANJet™  and  WebAccelerator™  product  lines  specifical- 
7  address  WAN  optimization  and  application  acceleration  challenges.  WANJet 
ao derates  file  transfers,  email,  clientyserver  applications,  data  replication,  and 
other  functions,  resulting  in  predictable,  fast  performance  for  all  WAN  users. 


A  deluge 

on  your  network  and  j 


Getting  the  most  out  of  bandwidth 

“As  one  of  the  largest  retirement  plan  record  keepers  in  the  nation  ...  with  a 
growing  participant  base  that  already  exceeds  9  million,  we  needed  a  solution 
that  could  ensure  we  were  getting  the  most  out  of  our  existing  bandwidth 
while  still  providing  full  encryption,”  says  Barry  Strasnick,  CIO  of  CitiStreet,  a 
global  benefits  delivery  firm  in  North  Quincy,  Mass. “WANJet  was  the  only 
solution  that  combined  the  WAN  and  application  technologies  we  needed  to 
ensure  the  absolute  highest  level  of  performance  over  the  WAN.” 

WebAccelerator™  is  an  advanced  application  delivery  solution  that  can 
improve  Web  application  performance  by  as  much  as  200  to  500  percent. 

“The  WebAccelerator  was  chosen  to  be  part  of  our  reengineering  efforts 
because  it  was  able  to  meet  and  exceed  all  our  performance  requirements,” 
notes  Jay  Hunter,  IT  project  manager  for  London-based  British  Land  Co. 

Based  on  the  company’s  unique  TMOS  architecture,  F5  solutions  provide  a 
uniquely  powerful  integrated  application  delivery  network,  from  SSL  virtual 
private  networks  (VPNs)  to  application  traffic  managers — to  ensure  superior 
security,  performance,  and  availability  for  all  applications. 

For  more  information,  visit  www.f5.com. 
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OVERACHIEVE 


F5  not  only  protects  your  network  applications 
from  security  threats,  but  ensures  those  applications 
run  faster  and  are  always  available. 

The  F5  mission  is  to  make  your  applications  do 
what  they  were  designed  to  do:  perform. 

More  than  9,000  organizations  around  the 
world  overachieve  with  F5  Networks.  Can  yours? 

THE  WORLD  RUNS  BETTER  WITH  F5 


WWW.F5.COM 


Advertising  Supplement 


Percentage  of  Applications  Accessed 
via  the  Web  (on  average)  730^ 


All  respondents  Small  companies  Medium-sized  Large  enterprises 
(n=l98)  (n=46)  businesses  (n=50)  (n=!02) 


slow  to  download,  causing  frustration  and  lost 
productivity.  Marquart  attempted  to  alleviate  the 
problem  by  boosting  capacity.  “We  quickly  realized 
that  buying  more  bandwidth  doesn’t  always  help, 
and  for  us,  it  wasn’t  a  cost  issue.  It  doesn’t  fix  per¬ 
formance  issues.The  hungriest  applications  were 
still  starving  the  others,”  he  says. 

Finding  the  right  tool 
Instead,  to  offer  stable  and  consistent  perform¬ 
ance  to  business-critical  applications,  Marquart 
turned  to  WAN  optimization  tools  that  allow  him 
to  shape  traffic,  enforce  policies,  and  set  priorities. 

These  tools,  which  are  available  as  stand-alone 
appliances,  software,  or  managed  services,  let  IT 
managers  make  better  use  of  the  network 
resources  they  have  to  improve  application  per¬ 
formance  over  the  wide  area. 

WAN  optimization  tools  feature  a  variety  of 
techniques,  including  caching,  compression,  priori¬ 
tization,  policy  enforcement,  and  offloading  server 
CPU-intensive  tasks,  such  as  handling  TCP  and 
Secure  Sockets  Layer  (SSL)  requests. They  can  be 
asymmetric  (at  one  end  of  the  connection)  or 
symmetric  (at  both  ends). They  can  be  managed 
in-house  or  outsourced.  And  they  can  be  single¬ 
function  or  multifunction. The  choices  are  seem¬ 
ingly  unlimited. 

But  no  matter  which  type  you  choose,  they  all 


F/gure  I 

have  a  common  denomina¬ 
tor — to  help  you  avoid 
spending  thousands  of  dol¬ 
lars  each  month  on  addi¬ 
tional  bandwidth  capacity. 

“Bandwidth  is  expensive, 
and  no  one  has  a  band¬ 
width  budget  that’s  going 
to  keep  increasing,”  says 
Johna  Till  Johnson,  founder 
of  Nemertes  Research  in 
New  York  City.  She  says  IT 
managers  must  find  alter¬ 
natives  as  the  challenges 
they  face  in  delivering 
applications  over  the  wide  area  intensify. 

Johnson  points  to  the  number  of  remote  users 
who  are  accessing  applications  over  the  wide 
area.  “Three  years  ago,  85  percent  of  workers 
were  outside  of  headquarters;  that  number  is  now 
at  92  percent,”  she  says. 

She  says  the  types  of  applications  they  are  try¬ 
ing  to  reach  also  plays  a  role  in  performance 
degradation.  “You’ve  got  the  convergence  of  voice 
and  data  going  out  to  remote  users,”  she  says. 
Hefty  and  chatty  applications  like  databases  and 
telephony  tools  are  becoming  commonplace  over 
the  Web,  requiring  servers  to  answer  multiple 
requests  over  the  long  haul. 


The  Research  Concepts  study  shows  that 
enterprises  offer,  on  average,  access  to  57  percent 
of  their  applications  over  the  wide  area.  But  with 
large  enterprises,  that  number  grows  to  73  per¬ 
cent,  according  to  the  report.  (See  Figure  I .) 

At  the  same  time  that  demand  is  growing  for 
applications,  IT  groups  are  consolidating  their 
infrastructure  resources  into  centralized  data  cen¬ 
ters  for  better  management,  regulatory  control, 
and  cost  savings.  “With  consolidation,  you’re  tak¬ 
ing  whatever  server  you  had  in  the  field  and  mov¬ 
ing  it  farther  away  from  users,”  she  says.The  end 
result  is  that  traffic  now  has  to  travel  across 
greater  distances  to  reach  its  final  destination. 
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* T  m anaaprQ  rp between  a rock and a  hard  p|ace- 

*  ”«  S  ;  Set!  O  Cll  On  the  one  hand,  they  are  scram¬ 

bling  to  build  out  networks  to  accommodate  the  rapid  global  integration  of 
business  processes  while  supporting  a  burgeoning  number  of  remote  work¬ 
ers.  But  doing  so  places  tremendous  pressure  on  the  WAN,  slowing  some 
applications  to  a  crawl  and  dealing  productivity — and  profits — a  heavy  blow. 

In  response,  many  managers  have  tried  adding  WAN  bandwidth,  which  is 
costly  and  doesn’t  specifically  address  application  performance  problems. 
Others  have  added  a  plethora  of  point  devices  and  software  at  the  Web  tier 
to  perform  server  load  balancing,  Web  caching,  compression,  and  many  other 
performance  enhancements  to  offload  back-end  servers  and  improve  per¬ 
formance.  Unfortunately,  the  result  is  a 
mishmash  of  costly,  complex,  and  often 
incompatible  solutions. 

Ideally  what  network  managers  need  is 
a  comprehensive  solution  that  solves  the 
current  dilemma  by  accelerating  application  performance  over  wide-area 
links,  doubling  server  capacity,  reducing  Web  page  download  times  by  half, 
cutting  data  center  expenses,  and  enabling  server  consolidation  to  lower 
overall  IT  costs. 


Integrated  platforms  light  the  way 

It  is  not  surprising  then  that  these  managers  are  enthusiastically  embracing 
integrated  platform-based  application  acceleration  solutions,  such  as  those 
offered  by  Juniper  Networks  Inc.,  Sunnyvale,  Calif.  Juniper  Networks’ WX  and 
DX  application  acceleration  platforms  not  only  eliminate  the  need  for  multi¬ 
ple  point  products,  they  are  also  faster  and  easier  to  deploy  and  scale  as 
business  demands  grow.  What’s  more,  these  integrated  platforms  target  the 
two  primary  issues  impacting  application  performance:  the  data  center,  where 
centralized  resources  reside;  and  the  WAN,  which  links  branch  office, 
remote,  and  mobile  employees  to  the  applications  in  the  data  center  and 
corporate  headquarters. 

At  the  Web  tier,  integrated  platforms  provide  multiple  high-transaction 
processing,  server-offload  capabilities,  and  acceleration  application  perform¬ 
ance,  thus  adding  tangible  productivity  value  and  reducing  costs.  In  the  WAN, 
these  platforms  increase  available  capacity  with  compression  and  sequence 
caching  while  accelerating  TCP  and  application-specific  protocols  to  minimize 
the  impact  of  latency  on  application  performance. 

Juniper  Networks  is  a  leader  in  providing  comprehensive  application  acceler¬ 
ation  and  security  solutions.  Download  the  free  white  paper  “Accelerating 
Application  Performance  across  the  WAN”  at  www.juniper.net/dmyaap. 
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»  Remote  sites  running  sluggishly?  Juniper  Networks’  application  acceleration  solutions  dramatically  improve 
performance  of  your  company’s  web  site  and  networked  apps.  So  everyone  -  internal  and  external  -  enjoys 
a  dramatically  better  network  experience.  What's  more,  you’ll  simultaneously  reduce  network  and  infrastructure 
costs  while  improving  productivity.  Visit  www.juniper.net/freetrial  for  your  free  trial  and  customized  Network 
Health  Report.  Then  quick!  Juniper  your  net. 
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Figure  2 

How  IT  Becomes  Aware  of  Application 
Degradation,  by  Company  Size 

All 


Employee  complaints 

Help  desk  calls  alert  us  to  problem 

We  continuously  monitor  network  performance 

Management  complaints 

We  continuously  monitor  application 
performance 

Based  on  our  experience  we  were  anticipating 
a  problem  and  were  checking  performance 

We  have  not  experienced  any  application 
slowdowns  or  problems  in  the  past  12  months 

Base 


respondents 

Small 

Medium 

Large 

82% 

81% 

89% 

79% 

60% 

30% 

62% 

74% 

55% 

35% 

62% 

60% 

39% 

41% 

38% 

39% 

38% 

41% 

35% 

39% 

23% 

22% 

22% 

25% 

5% 

3% 

5% 

5% 

154 

37 

37 

80 

(Multiple  Responses) 


The  final  consideration,  Johnson  says,  is  that  you 
don’t  always  know  what  the  bandwidth  is  on  the 
endpoint.  Users  could  be  trying  to  access  infor¬ 
mation  overT-3  lines  or  56K  dial-up  lines,  she 
says.  So  rather  than  focusing  on  getting  bigger 
bandwidth,  she  recommends  “figuring  out  how  to 
better  utilize  what  you  have.” 

“You  have  to  decide  what  problem  you’re  trying 
to  solve.  Is  there  too  much  latency?  Is  there  not 
enough  bandwidth?  Where  is  the  slowdown  hap¬ 
pening?”  she  says.  “You  have  to  solve  the  right 
problem  with  the  right  technology.  Is  your  prob¬ 
lem  that  your  servers  don’t  have  capacity?” 

Identifying  the  bottlenecks 
Scott  Crawford,  senior  analyst  at  Enterprise 
Management  Associates  in  Boulder,  Colo.,  agrees, 
and  says  this  type  of  analysis  requires  visibility  into 
the  network. 

Before  committing  to  a  WAN  optimization  tool 
or  service,  he  says  IT  managers  should  assess 
their  network  resources  and  see  where  bottle¬ 
necks  are  occurring. 

“You  can’t  manage  what  you  can’t  measure,”  he 
says.  Crawford  recommends  not  only  using  tools 
that  measure  wide-area  network  performance,  but 
also  those  that  map  the  end-user  experience  with 
applications.“Be  sure  to  measure  at  different  geo¬ 
graphic  points  around  the  world,”  he  says. 


Such  tools  offer 
tremendous  insight,  he 
says,  adding  that  IT  man¬ 
agers  should  consider  the 
core  function  of  their 
application. “For  instance, 
if  you  are  experiencing  a 
large  number  of  SSL  con¬ 
nections  for  a  banking 
Web  site,  then  you  know 
you  need  SSL  offload 
help,”  he  says. 

For  Bernie  Lubitz,  the 
bottleneck  was  in  the  last 
mile. “Our  problem  was 
with  remote  users — 
whether  at  home  or  in 
small  offices,”  he  says. 

Lubitz  is  director  of  telecommunication  tech¬ 
nology  at  Martin  Memorial  Health  Systems  Inc.  in 
Stuart,  Fla.  He  supports  eight  applications  for  a 
large  network  of  healthcare  providers,  including 
hospitals,  doctors’  offices,  and  physicians  working 
from  home. 

Those  applications  include  “thick”  programs  like 
the  core  Health  Information  System  (HIS),  which 
he  calls  “host-based  and  chatty”  and  a  picture 
archiving  communications  system  that  allows 
healthcare  providers  to  access  radiology  images. 


“These  applications  chew  up  a  lot  of  bandwidth, 
but  we  can’t  afford  to  expend  a  lot  of  dollars  on 
bandwidth  to  home  workers  or  small  offices,”  he 
says. 

He  also  can’t  use  the  typical  WAN  optimization 
tools  that  feature  caching  and  compression 
because  the  HIS  application  is  modular  and  the 
picture  system  sometimes  serves  up  real-time 
images. 

Instead,  Lubitz  uses  hardware-based  IPSec  and 
SSL  virtual  private  networks  (VPNs)  to  centralize 
traffic  management.  It’s  a  common  approach, 


"Mining  Success 


Racketeer  helps  Arch  Coal  speed 
up  applications  with  existing 
WAN  infrastructure. 


One  Bit  at  a  Time 


kin  one  of  the  world’s  oldest  industries,  but 

UUcI  die O  Arch  Coal  relies  on  high-speed,  complex  appli¬ 
cations  harnessing  real-time  data  to  push  profit  and  growth  in  its  far-flung 
operations.  But  when  rapid  growth  of  the  nation’s  second  largest  coal  pro¬ 
ducer  resulted  in  increased  data  traffic  between  mines  and  front-office  oper¬ 
ations,  application  performance  began  to  degrade. 

First  the  IT  staff  at  St.  Louis,  Mo.-based  Arch  Coal  attacked  the  problem 
with  a  “brute  force"  solution:They  bought  more  bandwidth  at  one  location. 
But  the  bandwidth  was  quickly  consumed  by  increased  Web  traffic,  and 
offered  no  improvement  to  business-critical,  lower-volume  applications.  Using 
network  monitoring  tools  didn’t  help  either,  as  they  were  useless  in  deter¬ 
mining  the  sources  of  unacceptable  bandwidth  consumption. 

According  to  Don  Staten,  Arch  Coal’s  manager  of  technology  support, 

'We  needed  a  solution  that  would  give  us  the  right  bandwidth  for  the  right 
applications  with  the  links  we  already  had  in  place.” 

That  solution  turned  out  to  be  PacketShaper  appliances  from  Packeteer 
ire.  Cupertino,  Calif.  PacketShapers  deliver  mission-critical  solutions  by  con- 
e  i  '.g  bandwidth  allocation  on  each  WAN  link  and  prioritizing  core  applica¬ 
nt  f.s  requiring  real-time  data  exchanges. 


Great  results,  big  savings 

Specifically,  Arch  Coal  installed  a  PacketShaper  6500  at  its  corporate  office  to 
prioritize  the  outbound  WAN  traffic  for  core  financial  and  operational  appli¬ 
cations. To  further  boost  application  performance  and  optimize  WAN  band¬ 
width,  the  company  deployed  more 
PacketShapers  at  its  remote  mining 
locations. 

The  results  were  striking.  PacketShapers 
helped  increase  network  bandwidth  by  200 
percent  for  critical  applications,  markedly 
improving  business  performance  as  a  direct  result.  Network  capacity  has 
been  increased  up  to  a  factor  of  seven  times,  all  with  utilizing  the  existing 
WAN  infrastructure. 

And  there  are  significant  cost  savings.  “We  estimate  we’re  saving  a  mini¬ 
mum  of  $  1 0,000  per  month  because  the  PacketShaper  system  helps  us  use 
our  existing  bandwidth  so  much  more  efficiently,”  says  Staten.  “Thanks  to 
Packeteer,  we  can  say  with  confidence  that  application  performance  is  meet¬ 
ing  our  users’  needs  across  the  network.” 

For  more  information,  visit  www.packeteer.com. 
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Bandwidth,  compression,  or  probes  simply  won’t  solve  your  WAN  performance 
problems.  Only  Racketeer  enables  you  to  protect  vital  applications,  pace 
greedy  traffic,  limit  recreational  usage,  and  block  malicious  traffic — so  all  your 
locations  will  run  as  smoothly  as  HQ.  Respond  now  for  our  free  handbook, 


The  4  Essentials  of  WAN  Optimization,  and  learn  how  to  optimize  any  WAN  to 
ensure  maximum  performance  for  critical  applications  such  as  SAP,  Oracle, 
Citrix,  VoIP,  Email,  and  hundreds  more.  Go  to  www.packeteer.com/four. 


Racketeer  —  the  WAN  optimization  leader  with  over 
7,000  customers  in  50+  countries  extends  WAN 
application  control  to  the  edge  of  your  network. 


FREE  HANDBOOK 

Discover  the  key  components 
for  ultimate  WAN  performance, 
while  eliminating  the  root  causes 
of  lethargic  WAN  applications. 
Download  your  free  copy  now  at 
www.packeteer.com/four. 


C:2005  Packeteer.  racketeer  and  the  racketeer  logo  are  registered  trademarks  of  Racketeer  Inc.  All  rights  reserved.  All  other  product  or  company  names  are  the  property  of  their  respective  owners. 
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according  to  the  Research  Concepts  report.  In 
fact,  62  percent  of  respondents  already  have 
implemented  VPNs  to  address  application  per¬ 
formance  problems,  and  14  percent  plan  to  roll 
them  out  in  the  next  1 2  months.  (See  Figure  4.) 
Lubitz  understands  why  they  are  popular. 

“Once  you  establish  that  tunnel,  you  nail  that 
pipe  up  and  you’ve  got  guaranteed  bandwidth 
end-to-end,”  he  says.  His  IT  group  uses  the  priori¬ 
tization  functions  within  the  VPNs  to  give  more 
bandwidth  to  the  imaging  and  HIS  programs,  and 
throttle  back  usage  of  the  email  and  other  low- 
Figure  3 
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More  than  5,000  users — students,  faculty,  and 

Brant,  who  is  manager  for  network  services  at 
Abilene  Christian  University  in  Abilene, Texas,  says 
caching  fits  perfectly  into  his  environment  and 
saves  him  from  having  to  add  more  bandwidth 
and  server  capacity. 

“The  issue  we  ran  into  was  the  overall  demand 
for  applications  was  so  high,  but  the  funding  to  get 
additional  bandwidth  was  not  available — that’s 
what  prompted  us  to  look  at  optimization,”  he 
says.  Brant  adds  that  “the  minute  we’d  get  a  bigger 
pipe,  it’d  be  filled — you’d  just  be  throwing  money 
at  it  nonstop.” 


staff — use  30M-bit/sec  connections  to  access  a 
mix  of  applications,  including  courseware  systems, 
ERP,  and  Web  portals.  “We’re  a  one-network  site 
trying  to  provide  this  access.  Our  demand 
exceeds  our  available  bandwidth,”  he  says. 

The  Web  traffic  alone  was  causing  Brant 
headaches.  And  he’s  not  alone.  According  to  the 
Research  Concepts  study,  73  percent  of  respon¬ 
dents  say  Web  traffic  is  a  major  to  moderate 
cause  of  their  application  problems. The  second 
greatest  problem  is  streaming  media,  the  report 
finds.  (See  Figure  5.) 
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Performance 


Law  firm  gives  productivity  a  major  boost  with 
Riverbed  Steelhead  appliances. 


*T“  .  •  its  intense  focus  on  client  service,  the  200- 

iU  V»(Jl  lLIl  JUG  plus  attorney  Allen  Matkins  law  firm,  based  in 
Irvine,  Calif.,  sought  to  better  enable  interoffice  collaboration  among  attor¬ 
ney  practice  groups  distributed  in  distant  offices. 

Practice  groups  consist  of  industry  experts  who  share  vital  documents  and 
client  information  via  the  company’s  wide-area  network  (WAN). With  a 
growing  set  of  demands  being  placed  on  the  WAN  through  these  virtual 
teams,  bandwidth  and  latency  restrictions  were  beginning  to  limit  attorneys’ 
BMb  Q m  ■■■  ability  to  provide  the 

P*  8  B  firm’s  high  level  of  client 
™  service.  Downloading  liti¬ 

gation  case  files  could  take  up  to  20  minutes,  and  uploading  changes  took 
just  as  long,  resulting  in  nonbillable  attorney  hours. 

The  firm’s  IT  team  considered  adding  bandwidth.  But  estimated  costs  of 
doing  so  would  top  $340,000  over  the  first  two  years  alone,  and  would  not 
address  latency  on  the  WAN.  Another  alternative  considered  was  deploying 
a1  instances  of  key  applications  at  each  location.  But  steep  upfront  costs, 
'endal  issues  with  data  freshness,  and  ongoing  management  challenges 
r*‘Tde  this  solution  impractical  as  well. 


The  Riverbed  verdict:  superb  results 

Instead,  the  director  of  technology,  Frank  Gillman,  and  his  team  decided  to 
deploy  Steelhead®  appliances  from  Riverbed®  across  the  firm.  As  a  result,  liti¬ 
gation  case  files  can  now  be  downloaded  up  to  nine  times  faster  than  before. 
Transfers  that  once  took  nearly  20  minutes  are  done  in  just  two  minutes — a 
productivity  improvement  no  increase  in  bandwidth  could  have  accom¬ 
plished.  Because  Steelhead  appliances  give  users  faster  access  to  information 
from  any  remote  office,  regardless  of  the  size  of  the  bandwidth  connection, 
Allen  Matkins  has  been  able  to  efficiently  consolidate  its  IT  infrastructure  by 
centralizing  client  data  in  the  corporate  data  center.  And  the  frustration  level 
among  office  workers  and  attorneys  is  down  markedly. 

The  firm  estimates  it  will  save  nearly  $1  million  annually  in  productivity 
gains,  the  result  of  supercharged  application  performance  over  the  WAN 
with  Riverbed  Steelhead  appliances.  And  the  cost  of  implementing  the 
Steelhead  appliances  turned  out  to  be  70  percent  less  than  a  bandwidth 
upgrade,  while  operating  costs  are  an  astonishing  88  percent  less. 

For  more  information  on  what  Steelhead  appliances  from  San  Francisco- 
based  Riverbed  Technology  Inc.  can  do  to  accelerate  your  applications,  visit 
www.riverbed.com. 
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This  is  what  we  have  in  mind  for  your  WAN. 


y&yt-  f  s  feel  local. 


Most  applications  and  piotocols  were  designed  to  run  locally.  Over  a  WAN,  they  grind  to  a  half. 
That's  why  Riverbed  developed  a  solution  built  on  radically  new,  patent-pending  technology  that 
actually  delivers  LAN-like  performance  across  your  WAN.  Even  for  chatty  applications  that  can 
break  down  across  the  most  robust  networks. 


Riverbed's  proven  solution  allows  your  enterprise  to  consolidate  IT  infrastructure  at  the  data 
center,  optimize  your  bandwidth  usage,  and  still  deliver  applications  and  data  over  your  WAN  - 
at  speeds  that  make  remote  data  feel  local. 


Find  out  how  Riverbed  can  accelerate  your  business.  Visit 

www.riverbed.com/info/nw  to  download  your  copy  of 
the  analyst  white  paper  "Wide  Area  Data  Services"  today. 
Or  call  us  at  1 -87-RIVERBED  to  get  started  right  away. 


©2005  Riverbed  Technology,  IfK  All  rights  reserved  Riverbed  Technology,  Riverbed,  Steelhead  arid  the  Riverbed  logo  Ore  trademarks  or  registered  trademarks  of  Riverbed  Technology,  Inc. 
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Checklist  for  accelerating  applications  and 
optimizing  WAN  resources: 

✓  Resist  the  urge  to  throw  more  bandwidth  at  the  problem.  It  may  be  money  wasted. 

✓  Gain  visibility  into  your  network  with  measurement  tools  for  both  the  links  and  the 
end-user  experience. 

✓  Determine  where  your  bottlenecks  are  and  address  them  one  at  a  time.  For 
instance,  if  you’re  stalling  out  with  SSL  requests,  implement  SSL  offload  tools.  If 
peer-to-peer  file  sharing  is  soaking  up  your  bandwidth,  use  prioritization  and  policy 
tools  to  throttle  back  the  bandwidth  allotted  to  these  applications.  If  you  are  doing 
large  file  transfers,  test-drive  compression  offerings. 

✓  Before  committing  to  any  one  product,  try  it  out  in  your  network  with  your  applica¬ 
tions  and  your  users.  Benchmarks  that  vendors  show  you  may  not  apply  to  your  net¬ 
work  environment. 

✓  Don’t  forget  about  security.  Make  sure  that  your  acceleration  and  optimization 
tools  provide  a  safe  environment  for  users  to  access  network  resources. 

✓  Consider  outsourcing  if  you  do  not  control  the  endpoints — it  might  save  you  time 
and  money  in  management  and  equipment  costs. 


To  reduce  the  amount  of  connections  out  to 
the  Internet — a  task  that  was  taxing  the  net¬ 
work — Brant  uses  a  caching  server  that  stores 
the  most  frequently  requested  pages.  He  uses  the 
tools  in  the  server  to  control  the  freshness  rating, 
setting  it  at  97  percent.  He  says  even  the  3  per¬ 
cent  of  caching  the  server  performs  dramatically 
reduces  the  strain  on  the  network. 

“There’s  a  fine  line  between  people  needing  to 
get  to  files  and  those  just  accessing  Web  pages. 
Typically,  if  they’re  doing  Web  browsing  the  fresh¬ 
ness  doesn’t  have  to  be  that  high,  but  if  they’re 
downloading  the  latest  updates  and  drivers  it 
does,”  he  says. 

Like  Lubitz,  Brant  also  uses  application  prioriti¬ 
zation — mainly  to  control  the  affect  peer-to-peer 
file  sharing  has  on  the  network.  “As  a  university, 
we  experience  a  lot  of  music  file  sharing,  but 
we’re  opposed  to  totally  blocking  it.  Instead,  we 
limit  it  to  under  a  megabyte  of  traffic,”  he  says. 

The  prioritization  tools  let  Brant  set  priority  by 
time  of  day  as  well,  optimizing  how  the  bandwidth 
is  apportioned.  “From  8  a.m.  to  5  p.m.,  the  univer¬ 
sity  is  in  business  mode,  so  traffic  from  the  stu¬ 
dent  dorms  gets  lower  priority  during  that  time. 
After  the  faculty  and  operations  go  home,  then 
priority  can  be  jacked  up  for  students  to  have 
more  available  bandwidth,”  he  says. 

Keystone  Foods’  Marquart  is  also  a  fan  of  band¬ 


width  portioning.  He  uses  traffic-shaping  software 
at  each  remote  site  to  create  centralized  classes 
of  applications.  Like  Brant,  he  doesn’t  want  to  ban 
use  of  file  sharing  or  media  applications.  “We 
don’t  want  to  stop  it,  but  we  also  don’t  want  it  to 


suck  up  an  entire  T- 1  connection,”  he  says. 
Marquart  says  he  sets  priority,  giving  more  impor¬ 
tant  applications  like  VoIP  the  highest  ranking. 

While  he’s  had  “fantastic  success”  with  the  WAN 
optimization  tools  he’s  employed  so  far,  he  sees 


Radware  delivers 
“ app-smart ”  networking  for 
better  business-IT  alignment. 


Optimize  Your  Business 
by  Optimizing  Your  Applications 


l  i  y  connected  world,  business  relies  on  networked  and 

FI  lOQctY  S  Web-enabled  applications  to  drive  productivity  and 
profits.  Companies  can  maximize  their  potential  for  business  growth  and  get 
the  greatest  value  from  investments  in  IT  and  people  by  ensuring  the  availabil¬ 
ity,  performance,  and  security  of  their  mission-critical  networked  applications. 

Business  happens  anywhere,  anytime,  at  the  speed  of  opportunity  when 
you  have  an  “application-smart”  network  that  can  adapt  to  the  needs  of  your 
organization.  When  you  empower  employees  with  guaranteed  application 
access,  fast  user  response  times,  safeguarded  information,  and  reduced  man¬ 
agement  complexity,  the  results  are  obvious:  increased  productivity,  infra¬ 
structure  cost  savings,  and  improved  collaboration  with  partners,  suppliers, 
and  customers. 

Radware.  APSolute’s  integrated  approach 
to  application  delivery 

T  get  networked  applications  to  perform  to  their  fullest  productive  poten¬ 
cy  businesses  need  an  integrated  application  delivery  solution  designed  from 

•  v  g'-ound  up  to  make  networks  responsive  to  dynamic  application  and  busi- 

•  '  -  needs.  APSolute  from  Radware  is  a  cohesive  product  family  that  opti¬ 


radware 


mizes  application  delivery  by  using  unprecedented 

granular  application  intelligence  to  tune  network 
,  ,  ,  ,  availability  I  performance  I  security 

behavior,  end-to-end. 

Radware  APSolute  intelligently  integrates  availability,  performance,  and 
security  capabilities  to  solve  the  problems  of  traffic  overloads,  transaction 
failures,  database  logjams,  server  bottlenecks,  security  breaches,  scaling  costs, 
and  network  management  headaches — all  with  one  unified  solution.  APSolute 
makes  your  network  smart  and  your  applications  reliable,  fast,  secure,  and 
scalable  everywhere  across  the  LAN,  WAN,  and  Internet. 

Whether  you  are  supporting  a  diverse,  distributed  user  constituency  with 
email,  supply  chain  management,  ERP,  terminal  services,  financial,  ecommerce, 
or  any  other  Web-based,  networked  application,  Radware  APSolute  provides 
a  unified  application  delivery  architecture  capable  of  optimizing  the  operation 
of  any  core  business  application  over  your  entire  network.  That  means 
extending  the  reach  of  your  mission-critical  applications  and  guaranteeing  the 
best  user  experience  without  compromising  security,  all  while  reducing  oper¬ 
ating  and  growth  costs. 

For  more  information  on  what  Radware  APSolute  can  do  to  give  produc¬ 
tivity  a  real  boost  at  your  company,  visit  www.radware.com. 
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On  a  wide  area  network,  distance  is  the  enemy. 

The  farther  data  must  travel,  the  less  efficiently  your 
WAN  transports  it.  This  network  “latency”  can  diminish 
application  response  or  worse,  some  data  packets 
may  not  arrive  at  all. 

You  don’t  have  to  add  more  bandwidth.  Often  the 
problem  is  due  to  distance  or  chatty  applications,  and 
additional  bandwidth  doesn't  directly  take  on  the  prob¬ 
lem  of  inefficiency. 


Orbital  Data’s  TotalTransport  accelerates  remote 
office  applications  and  dramatically  increases  data 
throughput  without  having  to  add  more  bandwidth  or 
change  how  you  use  your  network  today. 


Orbital  Data 


111 


www.orbitaldata.com 

1900  South  Norfolk  Street 
San  Mateo,  California  94403 
1.800.280.3406  toll  free 
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Productivity 

|*|  .  •  Peelle  Technologies 

Like  most  companies  jruns  a  variety  of 

Windows-based  applications  but  was  experiencing  poor  application  perform¬ 
ance  at  its  remote  locations.  After  evaluating  different  solutions,  including 
buying  more  bandwidth,  the  Campbell,  Calif.-based  management  services  firm 
deployed  the  Orbital™  6000  series  application  acceleration  solution  from 
Orbital  Data™. 

Since  then,  the  company  has  “been  able  to  improve  application  perform¬ 
ance  without  dedicating  limited  IT  staff  resources  to  managing  the  solution,” 
says  Dayn  Pefferle,  CEO  of  Peelle.“The  increased  productivity  has  had  a  sig¬ 
nificant  impact  on  our  bottom  line.” 

Engineered  to  maximize  return  on  investment  (ROI)  and  minimize  total 
cost  of  ownership  (TCO),  the  Orbital  6000  family  is  designed  to  supercharge 
business-critical  applications  over  WANs;  it  is  capable  of  increasing  data 
throughput  up  to  200  times.The  result  is  a  tangible  increase  in  productivity 
for  users  of  these  applications,  with  predictable  bottom-line  results  like  those 
experienced  at  Peelle  Technologies. 

Panacea  for  remote  offices 

The  Orbital  6000  family  includes  the  Orbital  6800  for  data  center  deploy¬ 
ments  and  the  Orbital  6500  for  remote  and  branch  offices.This  new  platform 


Engine 


Orbital  Data’s  application 
acceleration  solutions 
drive  bottom-line  results . 


incorporates  the  latest  release  of  Orbital  Data’s  TotalTransport  with 
AutoOptimizer™  software. This  solution  delivers  flow  control,  compression, 
and  Common  Internet  File  System  (CIFS)  acceleration  capabilities  for  added 
WAN  throughput  and  speedier  application  response  times.  The 
AutoOptimizer  capability  ensures  that  the  correct  set  of  techniques  is 
applied  to  network  traffic,  based  on  the  characteristics  of  the  application,  the 
WAN  link,  and  the  protocols  used. 

CIFS  acceleration  targets  the  ever-present  (1  T  l"l  I  f  3  I  fl  3  h  3  ^ 

Windows-based  applications. TotalTransport  for  U  I  U  I  I  U  I  LI  U  I  U 

CIFS  resolves  the  most  troublesome  application 

problems  by  delivering  marked  performance  enhancements  to  remote  users: 

It  speeds  up  routine  file  operations  and  directory  browsing. 

“While  the  proliferation  ofWAN  optimization  and  application  acceleration 
products  has  provided  many  different  approaches  to  solving  performance 
issues,  all  of  them  have  a  high  ‘pain  level’  in  the  time  and  resources  that 
enterprises  must  dedicate  to  their  ongoing  management,”  says  Dick  Pierce, 

CEO  of  Orbital  Data  Corp.,  San  Mateo,  Calif.  “The  Orbital  6000  series 
solves  the  problem  of  simply  ‘making  WANs  just  work’  and  providing  pre¬ 
dictable  application  performance  across  far-flung  networks.” 

For  more  information  on  what  the  Orbital  Data  solutions  can  do  to  drive 
productivity  and  profits  for  your  company,  visit  www.orbitaldata.com. 
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Figure  5 
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The  Root  Causes  of  Application  Degradation 
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that  can  be  a  drain  on  net¬ 
work  resources.  “These 
tools  are  a  one-time  cost 
of  $3,000  to  $6,000 — 
that’s  a  pretty  good  return 
on  investment,”  he  says. 


( n=IS4) 


trouble  brewing  ahead  and  wants  to  ward  it  off. 

“We’re  at  the  cusp  now  of  having  to  add  more 
bandwidth,  which  can  cost  as  much  as  $1,000  for 
a  T- 1  per  month  per  site,”  he  says. 

To  avoid  that,  he  plans  to  eventually  add  com¬ 
pression  to  his  network  to  deal  with  noncritical 
applications  like  email,  IMAP,  and  Web  browsing 


Keeping  end  users 
happy 

For  many  IT  managers,  the 
main  benefit  of  better 
application  performance  is 
to  keep  end  users — em¬ 
ployees,  clients,  and  cus¬ 
tomers — happy.  The 
Research  Concepts  survey 
reveals  that  problems  with 
application  degradation  led 
38  percent  of  respondents 
to  experience  reduced 
customer  service.  (See 
Figure  6.) 

“People  want  LAN-like  performance. You  don’t 
want  access  to  the  information  to  be  so  different 
[from]  their  normal  way  of  getting  to  it,  or  too 
slow  to  be  dealt  with,”  says  Rubin  Bennett,  owner 
of  RB  Technologies,  an  implementation  firm  in 
East  Montpelier,  Vt. 

From  pages  not  loading  in  a  timely  fashion  to 


online  Web  sessions  timing  out,  performance 
problems  can  take  their  toll  on  your  business,  he 
warns.  “There’s  a  very  direct  link  between  how 
your  employees  work  and  how  well  they  can 
service  your  customers.  If  your  employees  are 
frustrated  with  the  systems,  they’ll  say  to  cus¬ 
tomers, ‘Our  systems  are  down  again,’  and  you 
don’t  want  that,”  he  says.  ■ 

Gittlen  is  a  freelance  technology  editor  in  Northboro, 
Mass. 

Figure  6 

Results  of  Application  Degradation 
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Supercharging 

Application  Performance  Q 


Q&  A  with  Warren  Ross,  who  runs  product 
marketing  for  Application  Performance 
Services  at  Akamai®. 


Q:What  are  the  key  challenges  network  managers  face  in 
optimizing  the  WAN? 

A:  Enterprises  have  extended  their  businesses  to  customers,  suppliers,  and 
others  outside  the  company,  using  the  Internet  for  transport  of  business- 
critical  application  traffic.  Enterprises  have  learned  they  cannot  improve 
the  performance  of  the  Internet  cloud,  especially  for  long-distance  traffic. 
Companies  are  also  at  the  mercy  of  TCP/IP,  and  the  nature  of  how  this 
protocol  impacts  Internet  traffic. 

Q.What  are  they  doing  to  address  the  challenges? 

A:  They  begin  with  purchasing  additional  bandwidth,  but  this  often  doesn’t 
help  because  bandwidth  is  rarely  the  problem.  So  then  they  begin  looking 
at  their  servers,  which  helps  only  if  servers  are  the  problem.  We  have 
found  the  problem  is  usually  the  Internet  cloud  itself. 

‘o  budget  restrictions  impede  addressing  these  challenges? 

Vhen  problems  originate  with  mission-critical  applications,  money  will  be 
.I-, a  to  fix  them.  But  with  IT  budgets  facing  constant  and  increasing 
t>ny,  all  solutions  must  fix  a  business  problem,  fix  an  IT  issue,  and 


Akamai 

The  Trusted  Choice 
For  Online  Business " 


reduce  TCO — all  at  the  same  time. This  can  force  enterprises  to  live  with 
some  poorly  performing  applications  due  to  budget  restrictions,  especially 
for  long-distance  traffic.  Akamai  has  built  solutions  to  improve  business 
performance  by  improving  the  performance  of  applications  and  lowering 
TCO. 

Q:What  do  third  parties  offer  to  resolve  these  network 
challenges? 

A:  One  good  example  is  Cathay  Pacific,  a  customer  that  we  helped  improve 
site  performance,  support  more  travel  agents,  and  support  peak  traffic 
without  more  infrastructure.  In  general,  Akamai  improves  the  performance 
of  traffic  customers  place  on  the  Internet  by  doing  what  the  customer 
cannot — namely  routing  traffic  around  Internet  bottlenecks  to  reduce  the 
response  time  of  applications,  performing  TCP  optimization  to  increase 
performance  of  traffic  on  the  Internet,  and  dynamically  mapping  end  users 
to  the  best-performing  edge  server  on  the  Akamai  network  to  radically 
improve  performance.  In  sum,  Akamai’s  approach  to  critical  performance 
issues  is  an  application  acceleration  managed  services  approach  that  facili¬ 
tates  expansion  of  the  business  with  lower  TCO. 
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Remote  Application  Performance 
directly  impacts  your  business. 


The  Trusted  Choice 
for  Online  Busine : 


Does  yourinfrastructure  deliver? 


CASE  STUDY 


Cathay  Pacific 

Cathay  Pacific  Airways  is  an  award-winning,  international  airline 
based  in  Hong  Kong  that  offers  scheduled  passenger  and  cargo  services 
to  destinations  around  the  world,  and  carries  almost  one  million 
passengers  every  month. 

The  Challenge:  Global  Application  Performance 
In  Hong  Kong,  our  site  downloaded  quickly,  but  outside  of  Hong  Kong, 
performance  degraded  quite  quickly,"  explains  Scott  Ohman,  Manager 
E-Business  Commercial  for  Cathay  Pacific.  The  airline  knew  that  slow  site 
performance  would  hinder  future  business  growth.  "We  realized  that 
building  out  our  infrastructure  to  address  site  performance  would  be 
astronomically  expensive.  Besides  that,  it  ultimately  wouldn't  help  us 
overcome  our  global  performance  issues,"  explains  Ohman. 


"Altogether,  these  improvements 
should  lead  to  more  bookings  online 
and  proportionally  fewer  calls  to  our 
call  center,  generating  an  estimated 


Why  Akamai 

Accelerate  Time  to  Value 

"In  the  end,  the  Akamai  solution  was  the  clear  choice.  It  came  down  to 
three  'Cs' — cost,  comfort,  and  confidence.  The  cost  was  reasonable;  we 
were  very  comfortable  with  Akamai  as  a  solution  provider  we  could  trust; 
and  we  were  quite  confident  that  Akamai  had  a  proven  solution  that 
would  be  easy  to  implement,"  says  Ohman. 

Improve  Global  Performance 

"Akamai  provides  us  with  a  complete,  cost-effective  solution  that  addresses 
our  requirements  for  improved  performance,  massive  reach  to  support 
our  worldwide  client  base,  and  an  on-demand  infrastructure  to  support 
varying  and  unpredictable  traffic  levels.  They  are  a  crucial  part  of 
our  e-business  strategy  as  our  online  presence  continues  to  grow," 
concludes  Ohman. 


savings  of  up  to  $1,500,000  annually. 


-Scott  Ohman,  Manager  E-Business  Commercial, 
Cathay  Pacific  Airways,  Ltd. 


■r>y. 


The  Akamai  Impact: 

100%  increase  in  online  bookings 

if  Estimated  annual  savings  of  up  to  $  1 ,500,000 

•  Significant  increase  in  agent  extranet  adoptior 

65%  increase  in  traffic  without 
additional  infrastructure 

65%  increase  in  global  site  performance 

Considerable  infrastructure  savings  per  year 

Confidence  in  its  online  presence 


Download 


Grow  your  business,  not  your  infrastructure. 

To  learn  how  Akamai  can  improve  the  performance  of  your  dynamic  applications 
visit  www.akamai.com/appdelivery  and  download  the  whitepaper: 

\  Comprehensive  Approach  to  Dynamic  Application  Delivery 


©2005  Akamai  Technologies,  Inc.  All  Rights  Reserved.  Akamai  and  the  Akamai  logo  are  registered  trademarks. 
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Having  your  cake 


Yes,  you  can  have  high-performance 
applications  that  are  also  secure. 


and  eating  it 


BY  SANDRA  GITTLEN 

There’s  a  myth 

that  adding  security  to  application  access 
leads  to  slower  performance  over  the  wide 
area.  Authentication  requests,  encryption  and 
decryption,  and  tunnel  setups  and  teardowns 
are  all  believed  to  labor  traffic  delivery. 

But  some  IT  managers  are  hoping  that  tra¬ 
ditional  and  emerging  security  tools  will  actu¬ 
ally  help  them  reduce  the  traffic  load  on  their 
networks  and  in  turn  boost  the  performance 
of  their  applications. 

For  instance,  Arthur  Brant,  manager  for 
network  services  at  Abilene  Christian 
University  in  Abilene, Texas,  says  common 
software  for  intrusion  prevention  and  detec¬ 
tion,  such  as  Snort,  could  be  used  to  monitor 
and  detect  unwanted  traffic  on  the  network. 

A  drawback  for  university  networks  is  that 
they  are  often  the  target  of  denial-of-service 
and  other  traffic-flooding  attacks.  “These 


attacks  across  the  wide  area  have  the  ability 
to  compromise  the  whole  network  and  its 
resources,”  Brant  says.  In  the  end,  bandwidth, 
servers,  and  other  performance-affecting 
resources  are  chewed  up  dealing  with  illegiti¬ 
mate  traffic. 

“With  IDS  [intrusion  detection  system]  and 
other  software,  we  can  note  what  type  of 
traffic  is  transported  through  the  pipes.  If  it’s 
no  good,  then  we  can  pull  [the  plug]  on  the 
infected  devices  that  are  spewing  network 
traffic,”  he  says.  He  predicts  that  this  alone 
would  save  a  lot  of  bandwidth  capacity.  “We 
can  eliminate  the  inappropriate  resource  con¬ 
sumption  from  the  network.” 

Vulnerabilities  can  be  a  major  performance 
headache  for  IT  managers.  According  to  a 
recent  survey  by  Research  Concepts,  42  per¬ 
cent  of  respondents  cite  worms  and  viruses 
as  a  cause  of  application  problems  across 
their  networks.  (See  Figure  5.) 


Scott  Crawford,  senior  analyst  at  Enterprise 
Management  Associates  in  Boulder,  Colo.,  says 
that  remembering  the  vital  role  that  security 
plays  in  boosting  application  performance  is 
critical. 

CONTINUED  ON  PAGE  A- 1 8 


The  Cure  for  Slow 


Citrix  NetScaler  speeds  mission- 
critical  applications  for  leading 
healthcare  provider. 


Application  Performance 


r-J  i  pi  Midwestern  healthcare  provider  ProHealth  Care  Inc. 

L. t-dvJ  5  f  '^(PHCI)  in  Waukesha, Wis.,  is  building  an  ambitious  new 
intranet  that  will  be  used  by  more  than  700  physicians  and  nearly  5,000 
PHCI  employees. The  network  provides  access  to  a  wide  range  of  applica¬ 
tions  critical  to  running  PHCl’s  business. 

So  choosing  the  right  vendor — one  able  to  help  PHCI  sustain  high  applica¬ 
tion  availability  and  performance — was  vital. 

“When  a  surgeon  is  waiting  for  information  while  in  the  operating  room, 
you  can’t  say. ‘Stand  by  please. The  application  is  a  bit  slow  now,”’  says  PHCI 
network  architect  William  Bailey.  “In  a  business  like  ours,  highly  responsive 
applications  and  global  application  availability  are  mission-critical.” 

PHCI  chose  Citrix®  NetScaler®  application  delivery  systems  from  Citrix 
Systems  Inc.  because  they  easily  outperformed  the  other  candidates  PHCI 
evaluated  for  its  core  application  acceleration  and  load  balancing  require- 
';  :'is."The  Citrix  NetScaler  systems  clearly  performed  better  than  the 
il  i  candidates  in  ail  areas — globally  across  all  four  data  centers,  at  the 
ti  dividual  server  level,  and  at  the  application  level,"  Bailey  notes. 


Payoffs  dearly  evident 

With  the  Citrix  NetScaler  systems  installed,  PHCI  is 
now  reaping  the  benefits  of  its  decision. 

Bailey  estimates  that  Citrix  NetScaler  systems  have 
already  helped  PHCI  avoid  the  cost  of  additional  Web 
and  application  server  investments  to  handle  impor¬ 
tant  activities  now  performed  by  the  Citrix  NetScaler 
systems.  Also,  the  company’s  market-leading  accelera¬ 
tion  technology  has  greatly  improved  overall  network 
performance.  “We  are  reaping  a  significant  perform¬ 
ance  boost  on  overall  transaction  throughput  due  to 
the  acceleration  that  the  Citrix  NetScaler  application 
delivery  system  provides,”  he  says. 

“Citrix  NetScaler  will  definitely  have  a  role  in 
our  future  growth,”  Bailey  concludes. 

For  more  information,  visit  www.citrix.com/ 
netscaler. 


TAKING  PERFORMANCE 
TO  THE  EXTREME 


Citrix  AppCompress 
Extreme™  goes 
far  beyond  tradi¬ 
tional  acceleration 
technologies 


44x 

(0.3  see) 


No  Standard  Citrix  NetScaler 
acceleration  HTTP  AppCompress 
compression  Extreme 
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Citrix  NetScaler 

makes  any  application 

i  in  up . : 

15  times  faster 

for  anyone,  anywhere. 


Every  day,  leading  Global  2000  enterprises,  including 
the  five  largest  e-businesses  in  the  world,  rely  on 
Citrix®  NetScaler®  solutions  to  dramatically  accelerate 
application  performance.  All  without  adding  servers, 
bandwidth,  or  consultants.  Perhaps  that’s  why 
Citrix  NetScaler  application  delivery  systems  are 
rated  #1  in  customer  satisfaction  among  Layer 
4-7  networking  vendors.  See  what  Citrix  NetScaler 
can  do  for  you  at  www.citrix.com/netscaler 
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The  Skinny  on 


Outsourcers  can  offer  big  benefits  to  IT  organizations. 

BY  SANDRA  GITTLEN 


Service  Providers 


Inhibitors  to  WAN  Optimization  Outsourcing 
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Experts  say 

WAN  optimization  methods  works  best  if 
you  know  the  endpoints  accessing  your  net¬ 
work.  If  you  don’t,  then  outsourcing  is  your 
best  bet. 

“If  you’re  not  in  a  position  to  put  boxes  at 
the  remote  ends,  then  you’re  best  off  with  a 
service  provider,”  says  JohnaTill  Johnson, 
founder  of  Nemertes  Research  in  New  York 
City. 

Options  such  as  managed  virtual  private 
networks  (VPNs)  or  optimized  delivery  serv¬ 
ices  abound  from  a  variety  of  providers, 
including  carriers  and  third-party  vendors. 
However,  a  recent  Research  Concepts  study 
finds  that  only  1 7  percent  of  organizations 
use  an  outsourcer  for  WAN  optimization.  But 
1 8  percent  say  they  are  very  interested  or 


Figure  7 

interested  in 
using  one  to 
ensure  availabili¬ 
ty  of  applica¬ 
tions  for  remote 
employees. 

IT  managers 
across  the  board 
seem  to  shy 
away  from  this 
type  of  out¬ 
sourcing. 

According  to 
the  study  find¬ 
ings,  the  size  of  the  organization  is  a  factor  in 
their  concerns.The  report  finds  that  63  per¬ 
cent  of  large  enterprises  are  worried  about 
giving  up  control  of  their  network,  while  37 
percent  of  small  companies  worry  about  the 


perceived  high  cost.  (See  Figure  7.) 

But  Johnson  says  outsourcers  offer  tremen¬ 
dous  benefits  for  IT  organizations.  “You’d  turn 
to  an  outsourcer  for  all  the  obvious  rea- 

CONTINUED  ON  PAGE  A- 1 8 


Enable  the  Network, 


Power  the  User 


Expand  Networks  helps 
organizations  simplify  their  IT 
infrastructure  while  delivering 
superior  application  performance  to  distributed 
business  environments.  The  result:  improved  user 
productivity  and  cost-effective  IT  management. 


k*  that  the  overwhelming  majority  of  work- 

s  no  secret  ers  today  are  located  away  from  a  central 

office.  But  no  matter  where  they  are  working,  the  common  challenge  they 
share  is  gaining  fast,  reliable,  and  secure  access  to  real-time  data  and  to  the 
applications  they  need. This  remote  worker  phenomenon  combined  with 
movement  to  Web-based  applications  that  were  not  designed  with  the  wide- 
area  network  (WAN)  in  mind  have  placed  significant  stress  on  the  WAN, 
which  often  is  viewed  as  a  bottleneck  and  impediment  to  accessing  net¬ 
worked  assets. 

For  distributed  organizations  like  Hitachi  Capital,  Continental  Airlines, 
Siemens,  the  U.S.  Department  of  Defense,  and  the  American  Red  Cross,  the 
answer  to  the  overstressed  communications  infrastructure  is  the  Accelerator 
platform  from  Expand  Networks  Inc.,  Roseland,  N.J.  Expands  solutions  have 
not  only  significantly  boosted  WAN  and  application  performance  for  the 
-.00  global  customers  it  serves,  but  they  also  support  other  mission-critical 
i  n  atives  such  as  server  consolidation,  migration  from  client/server  to  Web- 
t  ■  to  applications,  server-based  computing,  disaster  recovery,  voice  over  IP, 
3od  several  others. 

What  se  ts  the  Expand  application  acceleration  solution  apart  from  the 


crowd  is  the  ingenious  combination  of  multiple  services  in  a  tightly  integrat¬ 
ed  platform  designed  to  speed  up  remote  office  response  times  and  deliver 
significant  increases  in  user  productivity. These  technologies  include: 

■  WAN  Optimization 

■  Application/Protocol  Acceleration 

■  Management  and  Network  Visibility 

■  Wide-Area  File  Services  (WAFS) 

■  Security 

Bottom-line  results 
The  end  result  is  a  big  boost  in  remote  user  productivity,  paving  the  way  to 
simplifying  and  reducing  the  cost  of  the  IT  infrastructure.  Expand  solutions 
empower  users  by  accelerating  millions  of  common  transactions  such  as 
opening  email  attachments,  logging  into  CRM  systems, VoIP  calls,  processing 
orders,  tracking  inventory,  and  many  others.The  benefits  tumble  to  the  bot¬ 
tom  line  as  application  wait  times  plummet  and  productivity  soars. 

To  find  out  more  about  the  application  acceleration  solutions  that  have 
become  the  choice  of  major  companies  and  organizations  around  the  world, 
visit  www.expand.com  or  call  (888)  892- 1 250. 
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[  ADVERTISEMENT  ] 


Retailer  Interstate  Batteries  Deploys  Expand 
Accelerators  to  Speed  Up  Call  Center  Order 
Processing  and  Customer  Enquiries 


Interstate  Batteries  is  the  leading  automotive  replacement  battery  company 
in  North  America  servicing  200,000  retail  stores  and  dealers.  The  retailer 
runs  both  its  All  Battery  call  center  and  retail  distribution  center  out  of  Des 
Moines,  Iowa  with  hundreds  of  employees  who  require  real-time  remote 
access  to  customer  data  hosted  at  the  company's  headquarters  in  Dallas, 
Texas. 

Interstate  Batteries  has  strategically  deployed  Expand  Networks  Accelerators 
to  proactively  manage  the  delivery  of  PeopleSoft  and  Citrix  applications  to 
the  company's  call  center  and  other  remote  locations.  The  new  applications 
are  used  by  call  center  agents  to  access  customer  data  and  process  orders. 
With  the  Accelerators  deployed  in  10  key  locations  on  the  company's  wide 
area  network  (WAN),  data  transfers  for  PeopleSoft  and  Citrix  applications 
will  be  sped  up  by  as  much  as  10  times. 


"When  we  implemented  PeopleSoft  and  Citrix  applications  at 
our  Dallas  HQs  we  anticipated  that  the  surge  in  traffic  would 
considerably  slow  down  the  network,"  commented  Chris  Yang, 
Senior  Network  Engineer  at  Interstate  Batteries.  "We  knew  that 
if  we  tried  to  roll  out  these  new  applications  to  our  call  center 
and  retail  distribution  center  out  in  Des  Moines,  remote  access 
would  be  unforgivably  slow  and  could  ultimately  degrade 
customer  service  as  well  as  increase  order  processing  time." 


Interstate  was  determined  to  find  a  solution  to  this  potential  problem.  The 
company  began  to  evaluate  solutions  from  QoS  specialist  vendors  but 
discovered  that  QoS  alone  would  not  provide  the  response  time 
improvements  for  its  critical  business  applications  including  PeopleSoft's 
Enterprise  One,  Citrix,  Microsoft  Exchange,  and  Optum. 

Fig  l  The  Solution:^\ - 

Interstate  Call  &  Retail  Interstate  Batteries  HQ 

Center  (Des  Moines,  IA)  (Dallas,  TX) 


Interstate  Batteries  next  turned  to  Expand  for  its  platform  of  tightly  integrated 
application  acceleration  technologies  and  performed  a  detailed  evaluation  on 
select  WAN  links  "The  results  were  amazing,"  continued  Mr.  Yang. 


"With  the  Accelerators  in  place, 
we  are  able  to  speed  up  data 
transfers  by  up  to  10  times  which 
means  we  can  get  to  customer 
enquires  and  orders  a  lot  faster 
than  we  previously  could." 


"In  the  competitive  service  sector,  we  clearly  need  to  provide  an  outstanding 
level  of  service  that  is  fast,  accurate  and  efficient  to  impress  our  customers 
and  maintain  their  loyalty  -  the  Accelerators  provide  us  the  guarantee  that  our 
critical  networked  services  will  always  perform  up  to  the  mark." 

Interstate  Batteries  has  implemented  the  Expand  Accelerators  on  10  key 
network  locations.  In  addition  to  boosting  the  company's  call-center  and  retail 
distribution  center  performance,  Interstate  Batteries  has  also  deployed  the 
Expand  Accelerators  in  its  PowerCare  Division  to  improve  the  reliability  of  its 
DSL  connections.  "The  installation  of  Expand  has  allowed  us  to  downgrade 
some  of  our  T1  lines,  saving  us  over  $36,000  annually  on  recurring 
bandwidth  costs,"  concluded  Mr.  Yang. 


Interstate  Batteries  has  already  lined  up  the  Expand 
Accelerators  in  conjunction  with  future  plans  to  offer  on-line 
training  to  50  of  the  company's  distribution  centers  as  well  as 
the  GPS  tracking  of  Interstate  Batteries'  transportation  trucks  flg 

To  learn  more,  visit  www.expand.com  or  call  toll  free:  1.888.892.1250 
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sons — ease  of  configuration  and  management  and  one-stop  support 
and  service,”  she  says. 

Relying  on  a  service  provider  to  optimize  traffic  delivery  also  saves 
on  having  to  maintain  infrastructure,  such  as  servers  or  appliances,  in 
remote  locations.  Managing  and  patching  equipment,  as  well  as  keep¬ 
ing  licenses  up-to-date  or  dealing  with  co-location  issues,  could 
quickly  overwhelm  a  resource-  and  budget-constrained  IT  staff. 

Another  benefit  to  service  providers  is  that  they  often  are  the  only 
ones  that  can  do  “true”  route  optimization,  she  says. They  control 
infrastructure  close  to  the  user  and  throughout  the  network  to 
ensure  a  clean  path. They  also  use  route  optimization,  compression, 
caching,  and  other  techniques  to  speed  delivery  to  locations,  no  mat¬ 
ter  their  bandwidth  restrictions. 

“Anyone  that  can’t  guarantee  where  their  customers  are  coming 
from  would  be  good  for  these  services,”  she  says. 

For  instance,  an  organization  that  wants  to  offer  Web  site-based 
access  to  corporate  applications  to  thousands  of  global  employees 
could  find  performance  challenging,  Johnson  says.  Not  knowing  where 
and  over  what  connection  they  are  logging  on  would  make  it  difficult 
to  install  infrastructure  to  support  their  needs.  However,  using  a 
managed  service  could  alleviate  this  strain  and  ensure  a  secure,  solid 
connection.  ■ 


Having  your  cake 

and  eating  it 
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“Sometimes  you’re  delivering  information  across  wide-area  links  and  you  don’t 
know  the  endpoints. That  could  be  sensitive  data,  and  you  need  to  be  careful 
about  what’s  left  out  there,”  he  says. 

Built-in  security 

Crawford  says  IT  managers  should  consider  WAN  optimization  tools  that  termi¬ 
nate  connections  on  a  number  of  levels.“You  should  think  aboutTCP,  HTTP,  and 
SSL  links.They  are  a  natural  point  of  defense,”  he  says. 

Many  vendors  build  security  into  their  optimization  and  acceleration  offerings. 
One  example  is  application  firewalls,  which  allow  organizations  to  protect  specific 
applications  over  the  wide  area.  “If  you’re  trying  to  defend  the  network  and  deliv¬ 
er  an  application,  firewalls  offer  security  but  also  high  performance,”  he  says. 

Another  is  SSL  virtual  private  networking,  which  includes  cryptographic  offload. 
“You’re  relieving  the  application  server  from  having  to  do  the  heavy  lifting,” 
Crawford  says. This  speeds  the  application  performance  overall.  He  adds  that 
VPNs  encrypt  and  segregate  traffic  across  the  Internet,  keeping  traffic  safe. 

Finally,  for  true  client/server  security,  companies  can  opt  for  an  end-to-end  solu¬ 
tion  that  secures  the  link  between  a  host  of  enterprise  resources  and  remote 
users.These  products  use  endpoint  scanning,  device  and  user  authentication,  and 
more  to  ensure  the  integrity  of  the  user  logging  on. There  are  also  monitoring, 
access  control,  and  policy  enforcement  features  that  help  protect  the  enterprise 
network.  ■ 
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OUR  MISSION  IS  TO  KEEP  PEOPLE  AND  INFORMATION  CONNECTED. 

LET’S  WORK  TOGETHER. 


Continuous  access  to  information  no  matter  what.  That’s  information 


Availability.  It’s  what  your  employees,  suppliers  and  customers  demand  every 
minute  of  every  day.  But  to  deliver  it  flawlessly,  you  need  a  massive  global 
infrastructure,  redundant  systems  and  diverse  networks  being  monitored  and 
supported  by  skilled  technical  experts  at  secure  facilities.  That’s  exactly  what 
SunGard  provides. 


As  a  result,  we  can  offer  you  a  higher  level  of  availability  and  save  your 
company,  on  average,  25%*  versus  building  the  infrastructure  yourself.  Plus, 
it’s  a  vendor  neutral  solution  that  lets  you  control  your  data,  applications  and 
network  while  giving  you  the  flexibility  to  adjust  to  the  changing  needs  of  your 
business.  But  best  of  all,  it  lets  you  spend  more  time  solving  business  problems 
and  less  time  solving  technical  problems. 


For  years,  companies  around  the  world  have  turned  to  SunGard  to  restore  their 
systems  when  something  went  wrong.  So,  it’s  not  surprising  that  they’re  now 
turning  to  us  to  mitigate  risk  and  make  sure  they  never  go  down  in  the  first  place. 


You  want  your  network  and  systems  to  always  be  up  and  running.  We  want  the 
same  thing.  Let’s  get  together.  To  learn  more,  visit  www.availability.sungard.com  or 
call  1-800-468-7483. 
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Open  source: 

The  apps  wave 

Matt  Asay,  founder  and  program  director  of  the  Open 
Source  Business  Conference,  opened  the  recent 
OSBC  event  in  Boston  saying  the  third  wave  of  open 
source  is  arriving. 

He  characterized  the  first  wave  as  adoption  of  Linux,  the 
second  as  the  acceptance  of  open  source  database  and 
application  servers,  and  this  third  wave  as  the  emergence  of 
applications. 

But  not  applications  as  we  know  them.“Applications  that 
are  in  a  perpetual  state  of  beta,”  Asay  said.“They  are  put  out 
there,  and  customers  download  them,  but  they  are  never 
really  done.” While  fully  functional,  the  programs  keep  evolv¬ 
ing  iteratively  creating  what  Asay  called  softerware. 

Companies  from  Novell  to  Google  are  beginning  to  work 
this  way,  he  said,  and  he  expects  others  to  follow  suit.  He 
believes  the  open  source  movement  is  more  about  chang¬ 
ing  the  way  software  is  sold  and  distributed  than  how  it  is 
developed. 

In  a  keynote  speech  Hal  Stern, Sun’s  CTO  of  software, 
argued  that  perpetual  beta  isn’t  a  bad  thing.“We  need  to  stop 
thinking  about  software  as  a  manufactured  asset  and  rather 
as  something  organic.” 

But  he  doesn’t  see  open  source  displacing  large  software 
companies,  simply  because  it  is  hard  to  get  people  to 
develop  stuff  for  free. The  community  he  said,  is  perfect  for 
incremental  innovation,  the  goal  behind  Sun’s  Open 
Solaris  project. 

Regarding  the  application  wave,  Stern  predicts  more  ven¬ 
dors  will  pick  up  open  source  projects  and  host  them  as  ser¬ 
vices  instead  of  trying  to  package  them  for  sale. 

While  agreeing  that  the  application  segment  is  the  most 
exciting  part  of  the  open  source  movement,  Novell’s  newly 
appointed  CEO,  Ron  Hovsepian,said  that  acceptance  has 
been  slow,  because  “we’re  asking  too  much  of  customers. 
They  have  to  be  the  systems  integrator.  We  have  to  do  a  bet¬ 
ter  job  of  packaging.” 

David  Skok,a  partner  with  venture  company  Matrix 
Partners,  hosted  an  after-hours  debate  among  buyers  and 
suppliers  and  gave  the  OSBC  crowd  the  highlights  the  next 
morning. 

One  thing  the  two  sides  agree  on.Skok  said,  is  that  open 
source  will  never  become  mainstream  on  the  desktop. The 
summary  judgment:“lt’s  pennies  on  the  dollar.  Who  cares?” 

The  group  also  agreed  that  customers  who  buy  open 
s<  urce  products  don’t  change  or  modify  the  code,  one  of  the 
*  *  I'd  benefits  of  open  source.  Nonetheless,  buyers  say 
a*.  •  -s  to  the  source  code  has  value,  if  only  for  diagnostics. 

W  i'  won  the  debate? “The  buyers  always  win,”Skok  said. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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QoS  needed 

Regarding  Mark  Gibbs’  Gearhead  column 
“Vonage:  On  again,  off  again”  (DocFinder:  9725): 
This  scenario  is  familiar  to  me,  in  that  I  have  had 
Vonage  as  my  phone  provider  on  Cox 
Communications  cable  Internet  for  almost  a  year. 
One  major  problem  with  it  was  that  my  router  at 
that  time  did  not  have  the  ability  to  set  up  QoS  for 
the  telephone  adapter.  Once  I  upgraded  to  a 
Linksys  router  with  that  capability,  I  had  no  more 
dropouts,  choppiness  or  other  problems.  Readers 
should  know  that  a  router  with  QoS  is  a  must  if 
you  are  doing  VoIP 

Craig  Wolf 
Omaha,  Neb 

Just  a  phone,  please 

I  fully  agree  with  Howard  Anderson’s  column 
“Curmudgeons  of  the  world,  unite”  (DocFinder: 
9724):  Stop  the  nonsense.  No  more  morphed  elec¬ 
tronic  devices. 

Give  me  a  cell  phone  that  sounds  as  clear  as  a 
landline  phone  100%  of  the  time,  lets  me  know 
when  I  am  about  to  drop  a  call,  rings  me  when¬ 
ever  I  am  in  range  and  notifies  me  of  voice  mail 
the  moment  1  turn  it  on,  not  one  or  two  days  later. 
That’s  it.  No  camera.  No  video.  No  voice  recorder. 
No  music.  No  games.  No  nonsense.  Just  a  phone! 

Then  apply  this  principle  to  other  devices,  such 
as  printers,  faxes,  scanners,  copiers,  camcorders, 
alarm  clocks,  ovens,  VCRs  and  DVD/CD  players. 
(Do  1  really  need  a  digital  clock  in  every  elec¬ 
tronic  device  in  the  house?)  Oh, and  can’t  my  car 
just  be  a  car?  I  don’t  need  a  rolling  entertain¬ 
ment  center. 

Jack  Fbuchet 
Irvine,  Calif. 


Dealing  with  amorality 

Regarding  Mark  Gibbs’  BackSpin  column  “Dealing 
with  crazy  corporations”  (www.networkworld.com, 
DocFinder:  9723):  The  amorality  (or  immorality 
depending  on  your  point  of  view)  of  corporations 
has  been  well  known  and  understood  by  the  cyni¬ 
cal,  the  skeptical  and  the  poor  for  a  long  time.  It  was 
a  fundamental  component  in  the  1960s’  anti-corpo¬ 
rate  movement,  antitrust  legislation  in  the  late  19th 
century  and  Karl  Marx’s  theory  of  socialism.  For  the 
reasons  Gibbs  states,  business  ethics  usually  lose 
when  they  conflict  with  the  goal  of  profit. 

This  amorality  like  most  other  attributes,  is  magni¬ 
fied  by  size.  Small  corporations  are  impacted  by  the 
decisions  of  an  individual.  Corporations  with  assets 
and  revenues  millions  of  times  that  of  the  average 
worker  have  correspondingly  greater  power;  it 
becomes  impossible  for  individuals  to  make  an 
impact.  Only  a  correspondingly  large  organization  — 
government  at  the  appropriate  level  —  has  sufficient 
power  to  effectively  deal  with  large  corporations. 

Sadly  the  aphorism  that  “it  is  impossible  to  legislate 
morality”  places  serious  limits  on  the  positive  effect 
government  can  have  on  corporate  behavior.  This 
limit  is  further  eroded  when  corporations  can  and 
do  freely  use  their  economic  muscle  to  influence 
politics,  partly  or  completely  neutralizing  the  only 
entity  capable  of  controlling  corporate  excess. 

Perhaps  a  solution  can  be  found,  but  we  will  again 
be  faced  with  trade-offs  between  the  many  eco¬ 
nomic  benefits  corporations  provide  and  the  clear 
abuse  of  power  endemic  to  the  system. 

Randy  Grein 
Bellevue, Wash. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix.  editor  in 
chief,  Network  World,  1 18  Turnpike  Road.  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


Readers  respond 
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CYBERSPACES 
Daniel  Blum 


Don't  lose  control  with  outsourcing 


Two  or  three  years  down  the  road,  would 
you  like  to  see  your  enterprise  IT  security 
go  out  of  control?  Would  you  like  protec¬ 
tion  to  be  almost  completely  reactive,  expen¬ 
sive,  always  responding  to  emergencies  and 
fraught  with  surprises? 

Try  outsourcing. 

I’m  not  talking  about  a  limited-scope  project 
such  as  outsourcing  benefits.  I’m  talking  about 
the  big  kahuna  —  outsourcing  the  entire  IT-net- 
work  computing  environment. 

There  have  been  a  few  very  large  organizations 
that  turn  major  applications  —  or  all  the  network 
except  for  applications  —  over  to  third-party  oper¬ 
ations,  provisioning  and  help  desk.  Outsourcing 
can  save  companies  a  lot  of  money  but  it  can  also 
cause  them  to  lose  control  of  IT  security 
We  have  seen  many  problems  over  the  years. 
Most  come  down  to  the  organizational  walls  that 
outsourcing  erects  and  the  difficulty  of  anticipat¬ 
ing  all  the  contingencies  in  a  contract. 

Frequently  outsourcers  low-bid  their  offer  to  get 
the  business  and  then  try  to  make  it  up  in  change 
orders.  But  running  IT  security  two  or  three  years 
from  now  the  way  you  ran  it  last  year  isn’t  going  to 
cut  it.  Threats,  vulnerabilities  and  consequences 
evolve.You  must  be  able  to  adapt  the  architecture. 
One  company’s  outsourcer  was  good  at  re¬ 


sponding  to  incidents  but  wasn’t  helpful  in  the 
post-incident  review.  Again,  adaptability  erodes. 
Another  company  had  some  business  units  that 
had  outsourced  and  some  that  had  not.  Con¬ 
fusion  over  whether  a  worm  had  traversed  “in 
scope”  or  “out  of  scope”  locations  complicated  its 
response. 

Service-level  agreements  (SLA)  could  re¬ 
bound  against  security  Modern  organizations 

Be  sure  that  security  is 
considered  when  you’re 
planning  outsourcing. 

can  no  longer  rely  on  a  single  firewall;  large  net¬ 
works  generally  need  to  be  divided  up  into 
zones  of  trust  that  separate  systems  with  differ¬ 
ent  connectivity  requirements  and  risk  levels. 
But  an  outsourcer  with  an  SLA  that’s  based  only 
on  performance  will  resist  creating  new  perime¬ 
ters  after  the  contract’s  been  inked.  A  lack  of 
zoning  could  leave  your  network  wide  open  to 
emerging  threats. 

A  company  can  give  up  control  over  IT,  but  it 
cannot  transfer  its  responsibility  to  the  sharehold¬ 
ers  for  the  potential  consequences.  If  secret  for¬ 
mulas  or  other  intellectual  property  fall  into  the 


hands  of  competitors,  or  if  material  deficiencies 
turn  up  on  a  Sarbanes-Oxley  audit,  blaming  the 
outsourcer  is  cold  comfort. 

Be  sure  that  security  is  considered  when  you’re 
planning  outsourcing  or  trying  to  bring  an 
already-outsourced  environment  back  under 
control.  Define  security-related  roles  and  respon¬ 
sibilities  clearly  and  completely  Specify  clear 
security  objectives  in  the  SLA  for  integrity  confi¬ 
dentiality  availability  accountability  and  use  con¬ 
trol;  demand  sufficient  redundancy;  and  require 
sufficient  separation  of  product  functions  and 
staff  duties  to  prevent  common  mode  failures.  Re¬ 
tain  the  ability  to  monitor  and  audit  the  out¬ 
sourcer’s  environment  to  independently  verify  ful¬ 
fillment  of  the  objectives.  Require  the  contractor 
to  support  post-incident  review  and  strategic 
adaptation  of  the  protection  architecture  in  addi¬ 
tion  to  day-to-day  operations  and  response. 

But  wait,  there’s  more.  Even  if  you’re  using  the  IT 
Infrastructure  Library  for  SLAs,  don’t  rely  on  it  for 
security  Check  out  ISO  17799:  2005  instead  (see 
www.networkworld.com,  DocFinder:  9722). 

Blum  is  senior  vice  president  and  research  direc¬ 
tor  with  Burton  Group,  an  integrated  research,  con¬ 
sulting  and  advisory  service.  He  can  be  reached  at 
danjblum  @yahoo.  com. 


ON  SECURITY 
Winn  Schwartau 


With  VoIP,  it’s  deja  vu  all  over  again 


If  your  company  is  planning  to  exploit  the  in¬ 
credible  power,  flexibility  and  cost  savings 
offered  by  VoIR  there  are  two  things  you  need 
to  know:  VoIP  people  don’t  think  like  IP  people; 
security  is  going  to  be  a  nightmare. 

Recently  I  spoke  with  the  leading  VoIP  folks 
from  around  the  world.This  elite  group  represents 
VoIP  subsidiaries  and  working  divisions  of  some¬ 
thing  like  94%  of  the  planet’s  telecom  service 
providers.  I  got  called  in  to  provide  an  in-context 
and  out-of-context  view  of  VoIP  and  security  I 
began  with  a  couple  of  easy  soft-pitch  questions. 
Or  so  I  thought. 

“How  many  of  you  use  penetration  testing  as 
means  to  maintain  the  integrity  and  continually 
test  the  security  of  your  VoIP  networks?”  I  asked. 
Not  one  hand  went  up.  I  figured  there  was  a  lan¬ 
guage  problem, so  I  rephrased  the  question.“How 
many  of  you  have  a  dedicated  staff  of  security 
people  whose  sole  job  is  to  stress  the  network  to 
find  problems  before  the  customer  does?”  Again, 
no  hands  were  raised. 

After  recovering  from  my  shock,  I  asked,  “Why 
don’t  you?”  The  most  common  response  was, 
“Why  should  we?” 

That’s  when  I  retreated  to  the  security  basics.  I 
talked  about  how  denial  of  service  and  distrib¬ 
uted  DoS  can  paralyze  VoIP  and  about  data-trans- 
fer  integrity,  and  asked, “What  are  you  guys  doing 
about  this?”They  shrugged. 

The  VoIP  community  has  not  travailed  with  us 
for  the  last  25  years  and  learned  the  lessons  of  vir¬ 
tual  venom  and  online  conflict.Their  biggest  con¬ 


cerns  are,  first,  QoS  (they  get  paid  more  and  earn 
greater  profits  when  the  QoS  is  high;  they  lose 
points  and  money  when  QoS  is  low)  and, second, 
billing  accuracy 

Historically  the  endpoints  of  communications 
have  been  dumb.  One  lesson  the  IP  world  has 
learned  is  that  complexity  breeds  insecurity; 
dumber  is  securer. 

But  the  world  the  VoIP  crowd  is  building  uses 
endpoints  that  are  much  smarter.  Therefore,  the 
VoIP  version  of  security  is  bass-ackwards  from  the 
IP  approach.  And  you’re  planning  on  bringing 

I  assumed  VoIP  guys  were 
security-clueful,  and  I  was 
dead  wrong. 

VoIP  into  your  enterprise?  Hmmm. 

Next,  I  asked  this  group  of  now-nervous  VoIP  nel¬ 
lies, “Can  any  of  you  tell  me  where  your  VoIP  and 
data  networks  meet,  converge,  talk  to  each  other, 
share  facilities,  etc.?” Silence.  I  rephrased  the  ques- 
tion:“How  do  your  VoIP  and  data  networks  talk  to 
each  other?”  Still  sort  of  blank  stares. 

One  guy  chirped, “Ah, . . .  they  don’t.”  Incredulous, 
1  asked  a  number  of  people  whether  their  VoIP 
and  data  networks  were  completely  isolated  from 
each  other,  and  the  consensus  was  that  they  were 
disparate  networks. 

I  whipped  out  a  Sharpie,  ran  to  the  flip  chart  and 
scribbled  some  clouds,  cylinders  and  routers. 
After  several  Pollock-esque  flourishes,  someone 


called  out,  “Mine  connects  there,”  and  someone 
else  said,  “Sure,  it  has  to  connect  here  and  there 
and  there  to  make  it  work.”  It  was  just  that  they 
apparently  had  never  been  asked  the  question  in 
a  security  sort  of  way 

Over  the  next  several  hours,  we  learned  a  great 
deal.  The  communications  world  is  moving 
toward  VoIP  but  does  not  have  the  security  exper¬ 
tise  it  needs  in-house  to  meet  the  real-world  stress 
it  will  encounter.  1  learned  a  lesson  I  should  never 
forget:  I  assumed  these  guys  were  security-clueful, 
and  I  was  dead  wrong. 

They  learned,  I  hope,  that  the  threats  the  VoIP 
industry  is  going  to  face  will  be  merely  variants  of 
what  it  has  already  seen  more  than  once.  I  also 
hope  they  carried  away  something  more  impor¬ 
tant:  an  awareness  that  security  must  be  designed 
in  from  the  beginning  and  that  the  next  genera¬ 
tion  of  VoIP  gear  must  have  a  more  aggressive 
security  posture  than  the  current  one. 

As  for  you?  If  you’re  getting  into  the  VoIP  world, 
great,  but  be  cautious.  Make  sure  you  put  on  your 
bad-guy  hat  and  stress  the  vendor  and  the  tech¬ 
nology.  In  a  few  short  minutes  it’s  not  too  difficult 
to  come  up  with  a  healthy  range  of  attack  vectors. 
Better  for  you  to  detect  and  delay  VoIP  deploy¬ 
ment  problems  than  to  dive  headlong  into  a 
place  none  of  us  want  to  revisit. 

Schwartau  is  a  security  writer,  lecturer  and  presi¬ 
dent  of  Interpact,  a  security-awareness  consulting 
firm.  He  can  be  reached  at  winn@thesecurity ' 
awarenesscompany.  com. 


/ 

\ 

f 

OK 

m 

i 

< 

m 

A  long  time  ago,  in  an  apartment 
complex  not  so  far  away,  youn& 
Keith  Shaw  falls  asleep,  haV\i\& 

witched  the  "Star  Wars  Mutay 

Speciat "  earlier  in  the  evening. 

Filled  with  iocoa  Puffs  and  peannX 

butter,  Xi  :h  dreams  abouUta 

future,  holidays  and a\\  o\ \n 


The  dream  begins  here  , 

Epson  Perfection  3590  Photo 
Scanner,  $130.  Old  photos  and  neg¬ 
atives  get  a  boost  with  the  photc'b 
restoration  features  on  this  flatbed' 
scanner. Turn  your  old  35mm  neg¬ 
atives  and  slides  into  21st-century 
digital  images. 

Fujitsu  LifeBook  PI 500  series  note¬ 
book,  starts  at  $1,500.  Tills  pen- 
enabled  convertible  notebook 
weighs  just  2.2  pounds,  has  inte¬ 
grated  802. 1  la/b/g  wireless  and 
comes  with  the  Windows  XP  oper¬ 
ating  system  instead  of  Windows 
XP  Tablet  Edition.  Its  touchscreen 
lets  your  fingers  do  the  p<  tinting — 
no  special  pens  are  needed. 

Uniden  ELBT595  Bluetooth  cordless 
phone,  $250.  This  cordless  phone 
works  with  a  standard  telephone 
line,  but  it  also  can  grab  the  WAN 
on  a  Bluetooth-enabled  cell  phone 
to  make  outgoing  calls  on  your  cell 
phones  minutes.This  phone  is  per¬ 
fect  fOf  people  who  don’t  want  a 
home  landline  or  who  want  to  re¬ 
charge  their  cell  phone  in  the 
charging  base  while  still  making 
phone  calls  (because  they’re  using 
the  cordless  handset). 

DLP  ViewSonic  PJ256D  projector, 
$2,000.  This  projector  packs  a  big 
punch  for  its  size,  offering  a  crisp 
image  (l,024-by-768-pixel  native 
resolution)  for  users  who  want  to 
plug  in  their  laptop  for  presenta¬ 
tions  or  connect  to  a  high-defini- 
tion  signal  to  watch  the  big  game 


<  Dell  2405FPW  monitor,  $1,200  These  days  you  can  end  up  spending 
more  for  your  monitor  than  you  do  for  your  PC. This  outstanding  24- 
inch  LCD  monitor  from  Dell  supports  that  choice.  It  includes  four 
USB  connections.  1 ,920-bv-  1,200-pixel  resolution, a  built-in  memoiy 
card  reader  and  digital  video  interface.The  widescreen  display  ets 
you  monitor  multiple  applications  without  toggling,  and  the  fast 
response  rate  (between  12  and  16  millisec)  will  give  you  good  per¬ 
formance  for  DVDs  and  games.  If  that’s  not  enough,  the  screen  also 
rotates  90  degrees  for  your  choice  of  landscape  or  portrait  viewing. 


at  home.  The  projector's  2.2- 
pound  weight  makes  it  easy  to  j 
bring  it  from  Work  to  home  and 
back  again. 

Toshiba  Portege  R200-S234  note¬ 
book,  about  $2,000.  This  ultra-light, 
ultra-thin  notebook  has  a  very 
sharp  screen  (12.1-inch,  1,024-by- 
768-pixel  resolution  display). 
Integrated  Wi-Fi  and  Bluetooth 
connectivity  keep  you  unwired 
and  connected  when  you’re  on 
your  couch  checking  fantasy  foot¬ 
ball  scores.  You'll  appreciate  its 
small  size  when  you  travel  or  work 
in  coach  on  an  airplane. 

Westinghouse  LVM-37w1  Video 
Monitor,  about  $1,600.  Our  favorite 
TV  this  year  is  this  high-definition 
beauty  —  not  only  does  it  offer  a, .  g. 
great  picture  for  HD  signals  (the..  Vt 
resolution  offers  16.7  million  obi-  'V"- 
ors),  but  the  multiple  in|j$£|| 
options  also  let  you .  coitiBjwpHBj 
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HP  Photo* mart  M517 


-  '  0'¥>u  Can  find 

fts.nief that  the 
;  - :  -;hi$r  •  t ££h h  o  I  ogy.o  f  this  USB 
•:  rfi'Cw tse'AVill let  you  move  theeur- 
£^SjF& ysi>r around  quickly  without  repet- 
rtivemotibns.The  mouse’s  smaller 

- 

--  size  antf  retractable  cord  make  it 
j  easier  to,  pack  up  and  go  than 
rttfiCr  bulkier  mice. 

B  '  APC  3-in~1  Wireless  Mobile  Router 

:  WMR1000G,  $70.  Travel-ready 

routers  let )you  add  wireless  to  a 
.Hotels  broadband  connection 
iso  vou  can  Work  on  your  bed  if 
you  want),  but  this  one  is  special 
’  because  it  can  turn  into  three  dif- 
ferent  devices.  A  mode-selector 

<y  j>-  .  X-',""  ,T 

button  lets  you  turn  the  device 
into  an  access  point,  an  access' 
point/router  or  Ethernet  client. 
You  can  also  set  security  easily, 
which  makes  this  good  for 
mobile  workers,  who  need  to  be 
protected  while. on  the  road. 

Zyxel  P2000W-U2  Wireless  VoIP 
^  phone,  about  $200.  With  the  pro¬ 
vided  Broadvoice  service,  you'll 
be  able  to  configure  the  service 
quickly  and  easily. The  802.1  lb/g 
B  connection  will  give  you  a  dial 
tone  anywhere  there's  a  wireless 
access  point,  and  the  security  set¬ 
tings  (04-  or  128-bit  Wired 
Equivalent  Privacy)  will  keep 
conversations  private. 

ZioCorp  FoneMate  SD  and  SIM  card 
manager,  $00.  Every  GSM  cell¬ 
phone  owner  needs  this  device, 
which  make  it  simple  and  pain¬ 
less  to  transfer  phone  numbers 
and  address-book  records  from 
an ,  old  phone  to  a  new  one.  Its 
ProPix  Media  Manager  software 
can  also  transfer  imagesjand  ring 
tones  between  a  PC  and  SIM  card 
or  between  other  memoiysSards. 
This  will  save  hours  for  anyone 
who  has  to  transfer  data  on  cell 
phones. 

Philips  200W6  20-inch  LCD  monitor, 

$600.  This  business-oriented  LCD 
monitor  has  a  widescreen  display 
■  that  lets  users  display  two  letter- 
• '  sized  pages  side  bv  side, eliminat- 
> ing  the  need  to  toggle  between 
c*  two  or  more  applications.  Com- 
Wi.  \  patibility  with  Philips'  Smart- 
Manage  asset-management  tech- 
uologv  can  monitor  the  location 

-v  dr  r  ,,  • 

the  monitor,  in  case  anyone 
wants  t(  i  take  it  home  and  use  its 
v  *vsP°,,se  time  and 

^:«»-*UWH>ixel  resolution  for 
DVD. 

Logitech  67  Cordless  Laser  Mouse, 

;y  ,  «  SI ft  most  ci rpifortable 

at  garnets  and 
others  k it tRlng  for  precise  control 


v  HP  Photosmart  M517,  $200. You  no  longer 
have  to  be  intimidated  by  a  f>.  1-megapix¬ 
el  digital  camera.  The  M517  includes  a  2- 
inch  display,  much  larger  than  other  digi¬ 
tal* cameras,  making  it  easier  to  capture 
and  view  photos.  A  “fast  shot”  mode  can 
eliminate  the  delay  sometimes  associated 
with  digital  cameras.  An  AC  adapter  can 
charge  the  rechargeable  batteries  inside 
the  camera, another  nice  feature. 


a  Sony  Vaio  T350P,  about  $2, 100, This  2-pound  note¬ 
book  has  an  integrated  wide-area  wireless  con¬ 
nection  (Cingulars  E:  >GE  network),  which  means 
you  won’t  be  searching  for  a  coffee-shop  Wi-Fi  hot 
spot  if  you  need  to  download  your  e-mail  late  at 
night  (it  does  include  Wi-Fi  in  case  you  still  want 
to). The  10.6-inch  widescreen  display  and  Dolby 
headphone  and  virtual  speaker  technology  will 
let  you  watch  movies  enjoyably  on  the  device  if 
you  don’t  like  what  the  airline  is  offering, 


v  Toshiba  Qosmio  notebook,  $3,000.  Is  it 
possible  to  fall  in  love  with  a  notebook? 
It  is  with  the  Qosmio  G25  series, a  sleek 
black  unit  with  a  17-inch  widescreen 
display  (with  TruBrite  technology).  IG 
bytes  of  RAM,  two  60G-byte  hard  drives, 
integrated  wireless  (802. 1  la/b/g  and 
Bluetooth)  and  a  'IV  tuner.  This  note^ 
book  is  bigger  than  most  desktop  PCs 
that  we’ve  seen  lately. 
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(three  sensitivity  setting  iet'^^;^?^ 
create  a  fast-  or 
mouse).  More  importantly, 
cordless  base  station  can  also- 
^recharge  the  mouse's  lithium  ion 
batteries  (two  batteries  are  bun¬ 
dled  with  the  mouse).  .  , 

Ultimate  Ears  Super.fi  3  Studio  ear¬ 
phones,  SI 00.  Sweet  little  in-e:ar 
headphones  are  great  for  travel¬ 
ing  or  working  in  a  noisy  environ¬ 
ment.  So  much  outside  noise  was 
blocked,  we  couldn't  hear  our¬ 
selves  typing  —  a  surreal  experi¬ 
ence  at  first.  Even  a  planes 
engine  noise  is  lessened,  letting 
you  actually  hear  the  audio  dur¬ 
ing  the  in-flight  movie. 

Lenovo  S51  ThinkCenter  desktop, 
about  SI,  100. The  desktop  made 
for  the  IT  department,  the  S51 
includes  an  easy-opening  cover 
and  clearly  labeled  internal,  com¬ 
ponents  that  make  fixes  and 
upgrades  fast  and  simple.  An  inte¬ 
grated  fingerprint  scanner  lets 
departments  implement  strong 
authentication  procedures.  The 
size  of  the  desktop  is  also  impres¬ 
sive.  as  it’s  smaller  than  a  tele¬ 
phone  book. 

FireStore  FS-4  DV  hard  drive,  S750. 

This  FireWire  hard  drive  can  be 
used  to  capture  digital  video 
directly  from  a  video  camera, 
eliminating  the  need  for  tapes,  as 
well  as  to  transfer  the  capture  of 
the  tape  to  PC  before  editing.You 
can  add  a  second  FireWire  cable 
and  directly  edit  the  video  right 
off  the  hard  drive.  If  you're  getting  V 
ready  for  the  upcoming  video 
blog  revolution,  you'll  want  to 
save  a  lot  of  time  with  this  device. 

Skullcandy  Skullcrusher  head¬ 
phones,  $90.  If  you’ve  spent  good 
money  on  a  digital  music  player 
and  then  you  discover  that  you 
have  to  listen  to  it  on  wimpy  ear- 
buds  with  tinny  sounds,  you 
might  be  a  bit  disappointed. 

That’s  why  we  loved  the 
Skullcrusher  headphones,  which 
include  an  embedded  bass  • 
amplified  subwoofer  inside  the 
headphones.  Crank  up  the  sound 
enough  and  you  can  feel  the  bass 
in  your  dental  work.  Cool. 

Humax  DRT400  DVD  Recorder  with 
TiVo,  $400.  This  box  is  a  40-hour  , 
TiVo  Series  2  system  that  includes  - 
a  DVD  burner  that  can  easily)?^ 
transfer  recorded  shows  directly 
to  a  DVD.  Although  it  takes  some 
time  to  burn  a  show  to  a  DV D..i::V. 
(about  30  minutes  for  twbiirpurs 
of  shows),  at  least  you  eantyysfglia 
TV  while  it's  burning.,'- .  ; 

JBL  Encounter  speakers,  ffijraBya 
Even  if  these  speakdiV 


<  Das  Keyboard, 

$80.  “Use  the  force!” 

At  first  you  might  think  this 
keyboard,  which  is  for  serious 
touch-typists  only,  is  gimmicky  (it’s 
all  black,  and  there  are  no  key 
labels).  But  once  you  try  it  out.  its 
tactile  feedback  and  overall  nice 
feel  will  actually  make  you  a  faster 
typist.  Justbe  prepared  for  some 
funny  looks  from  co-workers  or 
family  members. 
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-  out  'it  this  vvyirkT  sound  system. 

’  ,Tbie  jlikVyMiifktakt'is  and  34-watt 
'  sq&wootei  prpwde  .  enough 
power  and-good  sound  for  your 
"C  i’C  system.  music  players  or  game 
-  -  '-consoles.  ' 

Logitech  V20  Notebook  Speakers. 
$80  Chances  are  you  have  an  old 
...  .  -  notebook  with  teeny-tiny  tinny 

. .  speakers,  made  hack  in  the  day 
.  before  people  started  storing 
their  digital  music  files  on  com¬ 
puters  If  you  are  still  stuck  with 
one  of  these  notebooks,  you  can 
now  attach  these  USB  speakers 
for  a  better  sound  experience; 
They  actually  make  incoming  e- 
mail  sound  more  melodic. 

Verizon  Wireless  VX81Q0  (by  LG), 
Slab. This  clamshell-style  phone 
might  not  have  all  the-  bells  and 
whistles  of  the  latest  cell  phones, 
but  its  1.3-megapixel  camera, 
dual-color  screens,  Bluetooth 
wireless  and  ability  to  connect 


I 


to,"  Verizon’s  EV-DO  network  for 
high-speed  1  data  downloads 
(including  video  clips)  should 
keep  you  happy  and  not  put  a 
dent  in  your  wallet. 

Cowon  America  iAudioX5,  $300.  An 
iPod  killer  that  actually  might  live 
up  to  its  claim,  this  20G-byte 


device  includes  support  for  sever¬ 
al  audio-file  formats  (including 
uncommon  ones  such  as  OGG, 
FLAC  and  ASf  .An  FM  radio  fea¬ 
ture  is  a  nice  surprise,  letting  you 
listen  to  the  radio  when  you  get 
bored  with  your  play  lists.The  1  .fl¬ 
inch  color  display  is  good  for 
watching  movies  or  viewing  pho¬ 
tos.  We  actually  got  jealous  looks 
from  several  iPod  users  we 
showed  this  device  to.  m&k, 
Sling  Media  Slingbox,  $2.mSimply 
the  best  way  to  watch  your  TV  or 
recorded  shows  from .  anywhere 
on  the  planet,  the  Slingbox  attach¬ 
es  quickly  to  (tie  TV  feed  in  your 
home  and  your  broadband  con¬ 
nection.  Its  bundled  software  lets 
you  ’-watch  your  TV  feed  from 
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Clockwise  from  top  left; 

Palm  TX  handheld,  $300.  Palms  latest  PDA  lias  internal  Wi-Fi  and 
Bluetooth  for  connecting  to  the  Internet,  a  large  color  screen 
(320  by  480  pixels)  for  viewing  photos  or  ( )ffiee-based  docu¬ 
ments, and  a  media  card  slot  that  can  play  your  digital  music. 
TheTX  is  a  great  example  of  combining  the  best  business  fea¬ 
tures  with  something  that’s  fun  to  play  with.  It's  the:  best  device 
from  Palm  that  isn’t  named  Tiv<  >. 

Sprint  Smart  Device  PPC-6700,  about  $030.  The  latest  cell 
phone/PDA  hybrid  from  Sprint  includes  the  latest  W  indows 
Mobile  OS,  EV-DO  wireless  network  capability;.  1-mtgapixel 
camera  and  a  slide-out  keyboard  for  text,  input  Wi-Fi  and. 
Bluetooth  complete  the  wireless  features  of  this  G-ounqe 
device, 

Nextel  7520  BlackBerry,  $200  (plus  service  fees),  Tlie  onh 
BlaekBerry  de\  ior  that  adds  GI’S  na\  igalinn  ffatme-,  ,tl u  i  V’e 
from  Sprint  Nextel  indudesa  cell  phone. organizer. the  Nextel 
Direct  Connect  walkie-talkie  service  and  Bluetooth  wireless, 
and  makes  it  possible  for  users  to  store  and  view  image  file 
attachments.  It’s  an  all-in-one  device  for  an\  on-the-go  mobile 
worker. 

Sony  MFM-HT95,  $800, its  fair  to  call  this  more  a  multi-function 
monitor  than  just  aTV  or  LCD  monitor.  Multiple  video  inputs  let 
you  hook  up  any  number  of  different  sources, including  a  yarn¬ 
ing  console,  DVD  player, TV  cable  feed  or  PC  cable.  An,  easy-to- 
understand  remote  control  quickly  switches  video  source  sig¬ 
nals  to  get  you  to  the  right  feed  quickly.  Integrated  speakers 
complete  the  package. 

Buffalo  Link  Theater,  $300.  The  next  generation  of  networked 
media  players,  the  Link  Theater  combines  a  DVD  player  with 
network  access  to  let  you  play  music  photos  and  videos  stored 
On  a  different  computer  system  (  or  networked  attached  st<  >rage 
device). The  system  streams  the  multimedia  across  an  802.1  lg 
network  without  any  latency  or  jittei; which  were  pr<  )blems  with 
earlier  networked  media  players. 
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(i>  continued  fronj  page  66 

IS  ■  W  ■  ;•  ;  ■ 

■  .■■-'< enough-  s[iSoe  to.  work  oh  Ollr 

i  TV  at  the 

(...(;'  s,4m.e  time  ;  ■; 

Lapworks  Laptop  Legs,  $  10  to  $20 

(  toe-Ttf  the'  easiest  ways  to  raise 
.;  /•y<>ui'fi4otet.H;ok  t<  >  I  le.lp  alleviate 
V  the' heat  it  generates  is  to  attach 
these  plastic  Japtop'-Tegs  to  the 

Ry-.  t  hottt.)ni  .of  your  notebook.  Other 
fe '  ~  than- creating  your  own  in >tel x x  >k 
.  stand,  this  is  the  easiest  and  most 


;>■  inexpensive  way  to  help  let  hot 
air  escape  or  let  cool  air  in. 

Seagate  USB  2.0  Pocket  hard  drive,  , 

-  $100.A  round  and  portable  .hard  ■ 

■  drive  that  fits  in  yom  poefot  and 
stores  up  to  .TO  A 

retractable  USB  ebfd.  means  no 
messy  cables '’carry  around 
when  you're  transport  ini'  the 
drive  or'thn  rwing  it  in  a  la]  >t<  >p. 

SmartDisk  FireLite  100GB  USB 


» 

# 


portable  drive,  $263.  If  you  want  to 
earn'  your  entire  music,  video 
and  photo  collection  with  you  at 
all  times  and  not  Ire  weighed 
down  by  the.  device,  this  drive  is 
worth  a  look  This  many  gigabytes 
in  shill  a  small  package  is  truly 
impressive.  Back  up  si )  ft  ware  that 
ships  with  the  drive  will  let.  you 
automatically  and  securely  save: 


all  of  your  files  when  connected 
t<  >  a  PC  i  ii  Mae. 

WowWee  Roboraptor,  $100.  What 
would  a  gift  guide  he  without  a 
robot?  This  years  entry  is 
Ruhoraptoi;  a  walking,  roaring 
robotic  dinosam  from  the  makers 
ol  Iasi  -years  Rohosapien.  Ihe 
Roboraploi  walks  around,  has 
three  distinct  "moods'  and 
includes  a  renn  ite  e< nilgai.:  tl ml 
lets  useis  .program  «Jleidul 
actions.  The  robot  has  mmsoi.s 
j  .  that  it  Will  react  to  when motion  is 
defected,!  h( “  soi is< irs  around  the 
robot’s  head  make  it  seem  like 
l.lie  dinosam  is  alx nit  I'  >  attack 
•your  hand  when  il  approaches 
This  robot  might  actually  he  loo 
seal  y  !■  n  y< i.iirig  c  liift  Iren,  as  its 
.scrcams'spi liw I  prelly  friglitei i it ig 
Altec  Lansing  im7,  $250  I  In  i\IV 
will  turn  your  iltxl  into’ a  Ml  hod 
,  ted  boom  box  providing  big 

'  si  iimd  |i  h  j tadii -s  afftlii ■  heaeli  or 

in  the  I xickyard  The  uruvt Tsai  era 
die  graeeliillv.  holds  any  dock 
"  able  iPod  seemely,  and  it  will 
s.y  ..  h -d uiii'r  il ie  unit  as  welj.  A  tiny 
wiieless  reniote  eonlrol  lets  you 
A;  swil'  h  s'  mgs  without  having  to 

CmpvAy  Jiit.r  byt T  lo  the  device,  and  .3 
■  video  cgitpnt  support  lids' you  dis 


Top  to  bol  im: 

Optoma  Movie  Time,  $1,500.  Create  an  instant  move  t  with 
this  device,  which  combines  a.  DVD  player, integrated  speakers  and 
a  projector  in  one  unit  (you  no  longer  have  to  mess  with  J'jo<  iking 
up  a  laptop  or  other  DVD  player  to  a  separate  projector.)  .The  unit 
includes  other  video  inputs  and  an  optical  audio  output  so  you 
can  attach  other  video  devices  (such  as  a  , gam  tug  console  j » »i  cre¬ 
ate  a  hotter  sound  experience. 

Skullcandy  MacGyver  MP3  watch,  $170  to  $300  (depend 
capacity]. Storage  drives  and  MP3,  players  converge  with  tl 
watch.  It’s  a  hit  large  for  business  users,  hut  were  told  that  big 
watches  are  now  hip.  What  is  especially  cool  is  the  < 
audio  player  that  can  play  \lP3orWMA  files.  A  voice  record  :•  . 

tine  lets  you  walk  into  void  boss  oftiee  to  record  <  on- 1  ■  t 

to  i  din  i  fm  tut!  V. 
black. 

iPod  Nano,  $250  MG  bytes).  Our  love  affair  with  the  iPod  contin¬ 
ues.  l\  dll  the  ihjliiiest  , Hid  tilliesl  devji  e  i  p. . i 
on  the  TG-byte  model. and  it's  perfect  for  working  out. traveling,oi 
just  sitting  and  admiring  its  color  screen  and  lookin 

Logitech  Wireless  Headphones  for  MP3, 5120  I  le  Bi  i  t  #»th  is  efnl 
for  something  other  than  cell  phones!  Tl ies< *  behind-tlie-eai  h<  -ad- 
phi  rues  include  a  Bluetooth  wireless  dilaptei  that  connects  t<  i  tire 
headphone,  jack  of  you}*  music  playei  yon  ran  then  walk  around 
enjoying  your  music  up  lo  50  tee)  ywav  from  tie  player. -l  hat  ,  an 
he  g( x xl  for  things  such  as  w<  iikoi  its  wl i< *rf-  v<  x i  don’t,  want  .i  <  <  m I 
getting  in  the  way 


WITH  SPECIAL  HEAVYWEIGHT  GUESTS: 

A  UNIFIED  VIEW  OF  ALL 
YOUR  INFO:  LESS 


$ 


INTEGRATION  OF 


★ 


★ 


WHATEVER  THE  SOURCE 


★ 


SEARCHING,  MORE  WOW  ING 


THE  POWER  OF  ASCENTIAl 
SOFTWARE  COMBINED  WITH  THE 
INNOVATION  OF  WEBSPHERE 


IBM  MIDDLEWARE.  POWERFUL  PROVEN.  FIGHT  BACK  AT  WWW.IBM.COM/MIDDLEWARE/INTEGRATE 


IBM,  the  IBM  logo  and  WebSphere  are  registered  trademarks  or  trademarks  ol  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  ©2005  !BM  Corporation.  All  rights  reserved 


A  remote  user  experience 
just  like  you're  standing 
at  the  rack, 

with  a  GUI  as  comfortable 
as  fine  Italian  shoes. 


y  .  ViS® 


www. Improves  On  Perfection.com 


Dominion  KX 

incorporates  128-bit  SSL  encryption, 
fending  off  hackers,  even  from  your 
video  stream. 


An  elegant  design, 
providing  remote,  BIOS-level 
access  and  control  of  Wintel  and 
Linux  servers  that  works  with  the 
industry's  widest  range  of 
browsers  and  operating  systems. 


Introducing  the  newest  version  of  Dominion®  KX.  A  perfect  combination  of  features. 


Attention  Linux®  admins  ...  Our  newest  KVM  (Keyboard,  Video,  Mouse)  switch  gives  you  a  combination  of 
features  you  might  have  thought  impossible.  The  new  Dominion  KX  gives  you  secure  anytime,  anywhere 
access  and  control  from  almost  any  combination  of  browser  and  OS  you  like  to  work  with.  Plus  you  get  a 
remote  user  experience  that's  virtually  indistinguishable  from  an  at-the-rack  connection.  Come  to  our  website. 
See  just  how  perfect  your  IT  infrastructure  management  could  be. 


Raritan. 

When  you're  ready  to  take  control.™ 


©  2005  Raritan  Computer.  Inc.  Raritan  and  Dominion  are  registered  trademarks  of  Raritan  Computer,  Inc. 
Linux  is  a  registered  trademark  of  Linus  Torvalds 
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MANAGEMENT  STRATEGIES 

■  CAREER  DEVELOPMENT  ■  PROJECT  MANAGEMENT  ®  BUSINESS  JUSTIFICATION 

Nationwide  formalizes  capacity  mgmt 

An  IT  insider  recounts  cross-company  effort  to  create  a  process  model. 


BY  KENNETH  CLARK 

n  January  2004, 1  was  selected  as 
process  developer  for  Nationwide 
Financial  in  a  cross-company 
Information  Technology  Service  Man¬ 
agement  development  project  for 
capacity  management. 

ITSM  is  a  process-based  framework  for  managing  IT  ser¬ 
vices.  My  responsibility  as  the  process  developer  for 
Nationwide  Financial  was  to  work  with  process  developers 
from  Nationwide  Services  Co.  and  Nationwide  Property 
and  Casualty  to  develop  an  enterprisewide  capacity-man¬ 
agement  process. 

The  Information  Technology  Infrastructure  Library  (ITIL) 
is  the  de  facto  standard  in  IT  service  management  world¬ 
wide,  defines  capacity  management  as  “the  process  for 
ensuring  that  IT  infrastructure  capacity  matches  the  evolv¬ 
ing  demands  of  the  business  in  the  most  cost-effective  and 
timely  manner” 

The  most  attractive  aspect  of  this  project  was  the  oppor¬ 
tunity  it  provided  to  create  a  common  language  that  would 
be  accepted  and  used  by  three  organizations  within  the 
same  company  To  achieve  this,  the  process  developers 
compiled  the  best  practices  they  had  in  common  and 
applied  them  to  each  participating  organization.^  a  high 
level  a  project  like  this  would  add  value  by  accomplishing 
the  following  goals: 

•  Promoting  a  common  awareness  and  understanding  of 
capacity  management. 

•  Improving  communication. 

•  Improving  current  practices. 

•  Creating  and  retaining  valuable  information. 

•  Developing  repeatable  processes. 

•  Reducing  capacity  costs. 

Having  considered  these  potential  benefits,  the  project 
should  easily  sell  itself  and  add  value  for  the  entire  enter¬ 
prise.  The  team  included  three  process  developers,  a 
process  architect,  a  technical  writer,  a  project  manager,  a 
program  manager  and  a  project  sponsor. 

During  our  initial  sessions,  we  gathered  information 
from  various  sources  to  gain  a  general  understanding  of 
the  industry’s  approach  to  capacity-management  devel¬ 
opment.  Because  this  was  Nationwide’s  first  effort  to 
develop  such  a  process,  the  experiences  of  other  compa¬ 
nies  were  examined. 

To  remain  consistent  with  previous  ITSM  processes,  the 
capacity-management  approach  to  be  developed  would 
comply  with  the  standards  of  ITIL. 

With  this  directive, the  capacity-management  process  was 


developed  to  apply  to  all  three  Nationwide  participants. 
That  proprietary  model  depicts  how  information  flows 
through  the  primary  and  non-primary  capacity-manage¬ 
ment  processes.  In  addition,  the  model  depicts  the  output 
of  the  process  and  shows  how  constant  communication  is 
built  into  the  flow. 

After  the  process  model  was  approved,  the  next  step  was 
to  develop  procedures  for  each  activity  in  it.  Although  input 
from  the  three  Nationwide  organizations  differed  at  times, 
the  group  had  to  keep  in  mind  that  it  needed  to  retain  cur¬ 
rent  best  practices  as  well  as  maintain  ITIL  compliance  in 
developing  the  procedures.To  do  this,  we  conducted  a  cur¬ 
rent-state  analysis  with  practitioners  in  each  Nationwide 
organization.  Practitioners  are  generally  individuals  at  the 
specialist  or  consultant  level  who  monitor  and  handle 
daily  activities  related  to  capacity  management. 

To  prepare  for  this  analysis,  the  team  distributed  a  ques¬ 
tionnaire  to  the  target  application  areas  with  the  goal  of 
identifying  capacity-related  best  practices  and  incorporat¬ 
ing  them  into  the  process. 

The  development  team  found  that  all  three  organizations 
had  a  common  approach  to  capacity  management:  It  was 
usually  addressed  after  something  had  broken  or  a  thresh¬ 
old  had  been  exceeded,  events  that  frequently  resulted 
from  practitioners  not  being  informed  in  a  timely  matter 
about  new  capacity  needs  created  by  the  addition  of 
equipment.There  also  were  no  signs  of  proactive  problem 
management.  Both  situations  communicated  the  need  for 
a  formal  capacity-management  process. 

Keeping  current  conditions  in  mind,  the  team  devel¬ 
oped  process  flows  for  each  activity  identified  in  the 
model.  For  example,  the  model  includes  primary 
processes,  such  as  managing  business,  service  and 
resource  capacity.  For  these  processes,  the  team  gathered 
and  assessed  data,  made  recommendations  to  cus¬ 
tomers  and  notified  stakeholders  about  potential  effects 
on  capacity 

These  process  flows  had  to  satisfy  the  needs  of  each  par¬ 
ticipating  organization  to  add  the  greatest  value  to 
Nationwide  as  a  whole.  Accompanying  each  process  flow 
were  activity  descriptions  and  work  instructions.  When  the 
flows  were  completed,  the  process  architect  reviewed  them 
for  accuracy  continuity  and  ITIL  compliance.Then  we  con¬ 
ducted  a  training  class  for  practitioners  to  review  the 
process. 

This  training  was  a  critical  element  in  improving  the 
capacity-management  process  —  and, in  some  cases, intro¬ 
ducing  one.  All  practitioners  agreed  there  was  a  need  for  a 
formal  process  and  were  able  to  see  the  benefits  it  would 
yield.  They  also  had  the  opportunity  to  compare  notes  on 
capacity-related  incidents,  identify  common  points  of  pain 
such  as  the  timing  and  flow  of  communication,  and  ulti¬ 
mately  see  how  the  process  can  help. 

Throughout  the  development  process,  the  team  kept  in 
mind  that  the  success  of  the  capacity-management  process 
would  depend  on  its  acceptance  by  practitioners  and  sys¬ 


tems  users.To  help  achieve  this, current  ITIL-compliant  best 
practices,  including  mandatory  testing,  communication 
procedures  and  establishing  data  repositories,  were  re¬ 
tained  and  incorporated  into  the  capacity-management 
handbook.  As  a  result,  practitioners’  acceptance  came  with¬ 
out  opposition. 

The  group  is  preparing  to  move  into  the  implementation 
phase  and  is  confident  that  the  practitioners  and  systems 
users  will  remain  enthusiastic  about  the  ways  the  capacity- 
management  process  will  benefit  their  daily  activities. 

Because  these  key  players  were  involved  in  the  develop¬ 
ment  process,  we  learned  from  each  other,  listened  to  and 
addressed  each  other’s  needs,  and  created  new  processes 
that  add  value  and  efficiency  Nationwide’s  consolidated, 


Ken  Clark  helped  promote  a  common  awareness  of  capacity 
management  within  Nationwide's  business  units. 


cross-company  approach  fostered  interactions  by  develop¬ 
ers  and  practitioners  that  otherwise  would  not  have 
occurred.  Maintaining  this  level  of  engagement  and  col¬ 
laborative  input  will  ensure  success  in  subsequent  phases 
of  the  capacity-management  project. 

Clark  is  a  process  developer  for  Nationwide.  He  can  be 
reached  at  CLARKK14@Nationwide.com. 
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Apcon  Intellapatch™  delivers  solutions  that  reduce  costs 
for  enterprise  and  test  lab  environments 


IntellaPatch 

Physical  Layer  Switches 


enterprise: 

*  Reduce  packet  analyzer 
and  monitoring  costs 
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•  Centrally  control  and 
distribute  packet  analyzers 

•  Enable  100%  network  visib 
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Remotely  control 
physical  connectivity 
of  monitoring  device 
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Test  Labs: 

•  Automate  networking  and 
software  test  labs 

•  Instantly  reconfigure  test  lab 
topologies 

•  Decrease  testing  time  and  cost 

•  Decrease  product  time 
to  market 


For  the  full  IntellaPatch  story,  click  www.apcon.com  or  call  1.800.624.6808. 


U  Apcon 

Solutions  for  Networks 


TAP  into  Performance 

Monitor  mission-critical  links  with  the 
latest  technology  through  new  nTAPs 

Stop  jeopardizing  network  performance  and  risking  costly  downtime.  Be  confident  you 
have  maximum  visibility  into  your  full-duplex  links  by  configuring  an  /?TAP  solution  that 
fits  your  network  and  budget.  Visit  www.networkTAPs.com/visibility  today. 


Ethernet  Copper nTAP 

For  copper-to-copper  connections 
Choose  your  speed: 

10/100 . $395 

10/100/1000 . $995 


10/100/1000  Conversion  nTAP 

Copper  input  with  copper  or 
fiber  output  options 
Choose  your  analysis  output: 

SX . $1,495 

LX . $1,495 


Optical  Fiber  nTAP 

.  Multiple  split  ratios 

Choose  your  port  density: 

Single  channel . 

$395 

Four  channel . 

$1,795 

1  Six  channel . 

$2,395  . 

To  learn  more  about  how  nTAPs  can  boost  your  network  visibility  and  which  configuration  option 
is  best  for  you,  go  to  www.networkTAPs.com/visibility  or  call  866-GET-nTAP  today. 

Free  overnight  delivery* 

g  C€  “free  overnight  delivery  on  all  U.S. orders  over  5300.00  confirmed  before  12  pm  CST.  (  *TAP 

nTAP  and  the  nTAP  logo  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC.  y 


How  Do  N  du  Distribute 
Power  in  Yoi  r  ata 
Center  Cabir  et? 


With  Sentry! 

CDU  Product  Family:  Metered,  Smart  &  Switched 

The  Sentry  CDU  distributes  power  for  Blade  servers  or  up  to  42  dual 
power  1U  servers  in  one  enclosure.  Single  or  3-phase  input  with 
110VAC,2Q8VAC  or  mixed  110/208 VAC  single-phase  outlet  receptades. 


Metered  CDU 

>  Loral  input  Current  Monitoring 
Smart  CDU 

>  Loral  Input  Current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probe 

>  IP  Monitoring  of  Power  Temperatures 
and  Humidity 

Server  Technology 


Switched  CDU 

>  Loral  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

...  IP  Monitoring  of  Power,  Ten  per. 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 


1040  fontffoil  Or 

... 


... 
f  1  77j /P.4V','. 
4/  4.]  770  iZ\ 


r 


maybe  it’s  time 
you  look  at 

AdaptiveKVM" 

When  servers  are  down  or  inaccessible,  you  need 
fast  and  reliable  out-of-band  access  and  control. 

Cyclades  AdaptiveKVM™  (patent  pending)  is  the  industry’s  first 
integrated  solution  that  combines  KVM  over  IP  and  Microsoft® 
Remote  Desktop  Protocol  (RDP)  technology  in  a  single 
appliance.  By  using  KVM  over  IP  combined  with  RDP, 
AdaptiveKVM  provides  continuous  access  for  remote  server 
management. 

Next-Generation  KVM  Solution 


AiterPath™  KVM/netPlus 

| - 1  Download  a  FREE  White  Paper  on  AdaptiveKVM 

I  ==E  j  www.cyclades.com/akvm 


www.cyclades.com/nw 

1„888.cyclades  *  sales@cyciades.com 


cyclades 


£'2005  Cy doles  Corporation.  AR  rights  reserved  Ail  other  iradeworits  and  product  imogo  ore  property  of  their  respective  Produci  skww'oc  eAteo  a 
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MATRIX  KVM  SWITCH  WITH 


UR  REACH 
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LOCAL  OR  REMOTE  SERVER  MANAGEMENT  SOLUTIONS 
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UltraMatrix™ 

Remote 

KVM  OVER  IP 


INTEGRATED 


ACCESS  OVER  IP 
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r\vm  uvcn  ir  .  system  -wide  connectivity  over  IP  worldwide  and  locally 

•  Connects  1,000  computers  to  up  to  256  user  stations 

•  Supports  PC.  Stirt, .Apple,  USB,  UNIX,  serial  devices 

^  .  »»»«  .  r  .  High  quality,  video,  up- to  1280  x  1024 

ij>-—  *  Secure  encrypted  operation 

:  •'  •  View  real-time.- video  from  4  computer  connections  with 

quad-screen  mode 

.  ■  — - 

. - - 

The  UltraMatrix  Remote  represents  the  next  generation  in  KVM  switches  with  IP  access.  It 
provides  a  comprehensive  solution  for  remote  server  access  over  IP  and  local  as  well. 


■  KVM  RACK  DRAWERS  WITH  KVM  SWITCH  OPTION 

RackViews  offer  the  latest,  most  efficient  way  to  organize  and  streamline  your 
server  rooms  and  multiple  computers. 

The  RackView  is  a  rack  mountable  KVM  console  neatly  fitted  in  a  compact  pull-out 
drawer.  This  easy-glide  KVM  drawer  contains  a  high-resolution  TFT/LCD  monitor,  a 
tactile  keyboard,  and  a  high-resolution  touchpad  or  optical  mouse. 


UltraMatrix™  ■  PROFESSIONAL  MULTI-USER  KVM  SWITCH 

E-series  2  -  4  KVM  STATIONS  TO  1 ,000s  OF  COMPUTERS 

KVM  SWITCH  •  PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

•  On-screen  menu  informs  you  of  connection  status  between  units 
in  an  expanded  system 

•  Powerful,  expandable,  low  cost 

•  No  need  to  power  down  most  servers  to  install 

•  Security  features  prevent  unauthorized  access 

•  Free  lifetime  upgrade  of  firmware 

•  Video  resolution  up  to  1600  x  1280 

T  *  - - - -  •  Available  in  several  models 

•  Easy  to  expand 

The  UltraMatrix  E-Series  represents  the  latest  in  KVM  matrix  switch  technology,  at  an 
affordable  price.  The  E-Series  allows  you  to  connect  up  to  256  user  stations  to  as  many  as 
1,000  computers.  The  UltraMatrix  E-Series  is  available  in  several  sizes:  2x4,  2x8,  2x16, 

4x4,  4x8,  4x16,  1x8,  and  1x16  in  either  PC  or  multi-  platform. 


"'—i....  ■.1’V 

XtendVue 

Vertical  Rack  mountable  LCD 
With  Built-in  KVM  Extender 


RackView 

Fold-Forward 


RackView  RackView 

Fold-Back  LCD  Monitor 


RackView 

Keyboard 


Avoid  overloading  circuits 

Monitor  the  current  draw  as  you  install  equipment 

Protect  circuit  from  unauthorized  use 

Turn  outlets  off  when  not  in  use 

Avoid  in-rush  current  overload 

Outlets  are  turned  on  sequentially 

Manage  power  via  Network  Interfaces 

Built-in  Web,  SNMP,  Telnet  support 


Power  Distribution  Units 

•  Basic:  Vertically  and  horizontally  mounting  with  a 
range  of  amps  and  voltages 

•  Metered:  Ability  to  monitor  the  current  draw  and 
set  alarm  thresholds  that  when  exceeded,  provide 
both  visual  and  audible  alarms 

•  Switched:  Advanced,  remote  power  distribution 
and  control.  User  configurable.  Users  can  configure 
the  sequence  in  which  power  is  provided  to 
individual  receptacles  upon  start  up. 


APC's  advanced  power  distribution  units 
distribute,  monitor  and  remotely  control 
power  in  rack  enclosures. 

Now  you  can  remotely  control  power  to 
individual  outlets  and  monitor  aggregate 
power  consumption  via  local  and  remote 
displays.  Access,  configure  and  control  the 
APC  Switched  Rack  PDU  through  Web, 
SNMP  or  Telnet  interfaces. 

From  basic  power  distribution  to  controllable 
outlets,  APC  has  solutions  up  to  14.4  kW 
to  fit  your  IT  environment  needs.  See  our 
entire  line  of  rack  PDUs  online  at  www.apc. 
com. 


Every  product  carrying  this  mark  has  been 
tested  and  certified  for  use  with  InfraStruXure™ 
architecture.  Before  you  buy,  check  for  the  X  to 
guarantee  product  compatibility. 


H 

InfraStruXure 


ROSE  US  281  933  7673 

ROSE  EUROPE  +44(0)  1264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1 540 


800-333-9343 

WWW.ROSE.COM 
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Increase  your  data  center  availability 

...with  APC  Rack  Power  Distribution 


Enter  to  WIN  a  FREE  APC  Rack  PDU  today. 

Visit  http://promo.apc.com  Key  Code  f896x  •  Call  888-289-APCC  x6793  •  Fax  401-788-2797 


With  over  15  million 
satisfied  customers, 

TM 

APC's  Legendary  Reliability 
guarantees  peace  of  mind. 


Legendary  Reliability 


® 
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THE  2005  MUNICIPAL  WIRELESS  STATE  OF  THE  MARKET  REPORT 

AN  INDUSTRY  FIRST  FROM  MUNIWIRELESS.COM 
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The  municipal  wireless  arena  -  broadband  wireless  initiatives  by  state  and 
local  governments  and  community  groups  -  has  quickly  become  one  of  the  most 
dynamic  market  segments  in  the  entire  hi-tech  industry.  It's  already  having  dramatic 
impact  on  technology  and  policy  decision-makers  in  cities,  counties,  and  states,  as 
well  as  on  consultants,  systems  integrators,  vendors,  and  telecommunications 
carriers. 

For  the  past  two  years,  MuniWireless.com  has  been  the  leader  in  defining  this 
market.  Everyone  who  needs  the  latest  news  and  insights  comes  to 
Muniwireless.com  for  cutting-edge  information  on  implementations,  RFPs  for  new 
opportunities,  legislative  developments  and  hot  technologies.  But  because  the 
market  is  so  new,  dynamic  and  rapidly  evolving,  it's  been  difficult  for  many  decision¬ 
makers  to  get  a  handle  on  just  how  big  a  market  opportunity  municipal  wireless 
represents.  Until  now.  - 


THE  DEFINITIVE  REPORT 
ON  THE  EMERGING 
MUNI  WIRELESS  ARENA 


ONLY  $375 
FOR  A  LIMITED  TIME 
use  promo  code  10204 

' 

https://muniwireless.microcast.biz/ 
market  report.php 
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2005  MUNICIPAL  WIRELESS  SPENDING  BY  MUNICIPALITY  TYPE 


The  2005  Municipal  Wireless  State  of  the  Market  Report  includes: 

•  Market  sizing  and  growth  rates  for  2004  through  2007 

•  Breakdowns  by  size  and  type  of  municipality 

•  Spending  analysis  by  type  of  expenditure 

•  Deployment  and  usage  trends 

•  Key  applications 


And  mark  your  calendar  for 

MuniWireless  Atlanta  2006 
March  6-7,  2006 
Westin  Peachtree  Plaza 
Atlanta,  GA 


This  groundbreaking  research  will  be  an  invaluable  tool  for  anyone  involved  in  the 
municipal  wireless  industry  including  city  and  county  IT  executives,  city  planners, 
elected  officials,  integrators,  and  vendors. 


Hi  MuniWireless 

www.muniwireless.com 


Hitting  a  wail  with  your  current  sniffer? 


CURRENT  SNIFFER 


OBSERVER  II 


Break  through  with  Observer  1 1 .  Now  with  enterprise  strength  VoIP  analysis.  New  features  include  an  enhanced 
VoIP  Expert,  Quality  Scoring,  Call  Detail  Records,  MultiHop  Analysis,  and  64-bit  Windows  support.  It's  time  to  reset  your  analyzer. 


I Wired  to  wireless.  LAN  to  WAN.  One  network  -  complete  control . 


US  &  Canada  UK  &  Europe 

toll  free  800.526.5958  +44  (0)  1959  569880 

www.networkinstruments.com/analyze 


MARKETPLACE  11/14/05 


Ethernet  Terminals  from 

ComputerWise  connected  to 

. 

your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 
server. 


Features  C  Benefits 

•  Interactive  Tejnet  Client 

•  TCP/IP  over  TO/IOOBaseT  Ethernet 

•  Built-in  Barcode  Badge  Reader 

•  Optional  Mag-Stripe  &  RFID  Badge  Reader 

•  Auxiliary  RS-232  Serial  port 

•  Customizable  Data  Collection 
Program  Included 

•  Larger  keyboard  and 
display  sizes  available 


CO\MTEKWBE. 

Call  1-800-255-3739  or  visit  www.oomputerwise.com 
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Indexer 


The  Smart  Choice  for  Text  Retrieval®  since  1991 

♦over  two  dozen  indexed, 
unindexed,  fielded  and  full-text 
search  options 

♦  highlights  hits  in  HTML,  XML  and 
PDF  while  displaying  embedded 
links,  formatting  and 


dtSearch 


images 


Instantly  Sean*  ft 
Terabytes  of  Text  l 


♦  converts  other  file  types 
(word  processor,  database, 
spreadsheet,  email,  ZIP,  Unicode, 
etc.)  to  HTML  for  display  with 
highlighted  hits 


Desktop  with  Spider  «- 

Network  with  Spiden— 


Web  with  Spider-* 
Publish  f or  CD/DVDs  (“onl 
c„i„eforWin&.NET 


Reviews  of  dtSearch 

♦  “The  most  powerful  document  search 
tool  on  the  market”  —  Wired  Magazine 

♦  “dtSearch  ...  leads  the  market” 

—  Network  Computing 

♦  “Blindingly  fast” — Computer  Forensics: 
Incident  Response  Essentials 

♦  “A  powerful  arsenal  of  search  tools” 
—  The  New  York  Times 


♦  “Super  fast,  super-reliable” 
—  The  Wall  Street  Journal 


Engine  for 


See  www.dtsearch.com  for  hundreds 
more  reviews  &  case  studies 


♦  “Covers  all  data  sources ...  powerful 
Web-based  engines”  —eWEEK 

♦  “Searches  at  blazing  speeds” 

—  Computer  Reseller  News  Test  Center 


-IT-FINDS  •  www.dtsearch.com 


SENSAPHONE 

IMS 


TM 
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Monitor  the  REST  of  your  Computer  Room! 

^  •  Water  on  the  Floor 

•  Temperature 

•  Power  Problems 

•  Security 

•  Smoke  and  Fire 

•  Humidity 

•  Video 

•  And  much  more 


Embedded 

Web 

Server 


Internal 

UPS 


Dealers  Wanted 


Monitoring 


Sends  Monitors 

SNMP  64 

Messages  IP  addresses 


Sends 


Control 

Interface 


Port 


Modem 
Ex  Pager  Port 


(Temperature,  Humidity. 
Water,  Mo  Hon.  Rower, 
Smoke/Fire) 

Expandable 


Power 


•••  ’•clAsiSf'lfp 

SENSAPHO  IE 

Tel:  877-373-2700 

901  Tryens  Road 

www.ims-4000.com 

Aston,  PA  T9014 

1.408.727.1122 


info@recurrent.com 


3431  De  La  Cruz  Blvd,  Santa  Clara,  CA  95054 


FIBER  OPTIC  SOLUTION 

•  Tl/El  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  ISO-9001 

•  USB  Modem  and  Hub 


s.i.TECH 

Toll  Free  866  SITech-1 
630-761-3640,  Fax  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber.com 


Systems/? 


GBIC'S/I 

Also  Available:  Extreme,  Adtran 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 


COMSTAR,  INC 


The  #1  Network  Remarketer 

952*835*5502 

Fax  952*835*1927  www.CGmstarine.eom 


11.14.05  •  www.networkworld.Gom  *  77 
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Network  World  -  www.networkworld.com 

ADIC  Microsoft  Corp 

Adtran  Inc  Mimosa  Systems 
Akamai  Technologies  NCS  Technology 

American  Power  Conversion  Neon  Software  Inc 
Arbor  Networks  NetQoS,  Inc. 

Arrow  Electronics  Network  Associates 

Avaya  -  NJ  Network  Physics 
CDWNokia-AK,  Inc. 

Ciena  Corp  Novell 

Cisco  Systems,  Inc.  Oracle  Corp 

Client  Name  Packeteer  Inc. 

Colubris  Networks,  Inc  Permeo 

Coradiant  Pulver.com 

Cyclades  Corp  Quest  Software 

Dell  Computer  Corp  Robot icsTrends 

EMC  Corp  SafeNet 

Emulex  Corp  SAS  Institute 

FaceTime  Communications  Server  Technology  Inc 

Fluke  Networks  ShoreTel 

Hitachi  Data  Systems  Siemens  Business  Comm. 

HP  -  CA  SPI  Dynamics 

IBM  Spirent  Communications 

IDG  World  Expo/LinuxWorld  SSH  Communications 

Iomega  Systimax  Solutions 

IronPort  Systems  Tacit  Networks 

IXIA  Tripp  Lite 

KaplanIT  Websense  Inc 

Lancope  WiredRed  Software 

LANDesk  Zultys 

LightPointe  Communications  Inc. 

These  indexes  are  provided  as  a  reader  service.  Although  every 
effort  has  been  made  to  make  them  as  complete  as  possible,  the 
publisher  does  not  assume  liability  for  errors  or  omissions. 

“Indicates  Regional  Demographic 


NetworkWorid 


Network  World  Events  and  Executive 
Forums  produces  educational  events 
c  ,  and  executive  forums  worldwide. 

Event*  and  Executive  Forum*  jndudjng  our  one  day  Technology  Tours. 

customized  on-site  training,  and  executive  forums  such  as  DEMO®, 
DEMOmobile®,  and  VORTEX,  as  well  as  the  DEMOIetter  and  VORTEX 
Digest  newsletters.  For  complete  information  on  our  current  seminar 
offerings,  call  us  at  800-643-4668  or  go  to  www.networkworld.com/events. 


Publicize  your  press  coverage  in 
Network  World  by  ordering  reprints  of 
your  editorial  mentions.  Reprints 
make  great  marketing  materials  and 
are  available  in  quantities  of  500 
and  up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399- 
1900  x128  or  E-mail:  networkworld@reprintbuyer.com. 
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Gan  GA  catch  up? 

Computer  Associates  wants  to  shake  off  it 
Even  with  noted  strengths,  the  company 

Challenge 

s  recent  past  and  rekindle  its  customer  relationships, 
will  encounter  roadblocks. 

Strategy 

CA  will  face  resistance  and  scrutiny  from  customers  familiar 
with  its  former  reputation  as  one  of  poor  customer  service. 

Company  executives,  including  CEO  John  Swainson,  have  been  giving 
customers  face  time  to  hear  their  gripes,  but  CA  admits  only  time  and 
proven  execution  on  product  promises  can  revamp  the  company's  image. 

CA  is  known  for  buying  its  way  into  technology  markets 
without  clear  product  plans,  but  changes  in  IT  buying  will 
require  the  company  to  quickly  integrate  acquired  technology 
and  open  up  tools  for  use  in  third-party  systems. 

CA  is  expected  to  announce  new  identity  and  access  management  products 
this  week  that  use  technology  acquired  with  Netegrity  in  late  2004,  and 
has  detailed  at  customer  events  plans  for  future  integration  among 
management  tools  from  its  Unicenter  and  acquired  Concord  eHealth  and 
Aprisma  Spectrum  product  suites. 

CA  must  gain  ground  on  competitors  such  as  BMC  Software, 
HP  and  IBM,  which  have  been  using  the  past  year  to  tout 
IT  services  management,  while  CA  has  been  busy  with 
internal  restructuring. 

CA  is  expected  to  unveil  its  own  configuration  management  database 
(CMDB)  technology  at  CA  World  2005,  which  is  the  basis  for  most  IT 
service  management  offerings  amoung  competitors. 

Computer  Associates 

continued  from  page  1 

the  past  year  and  that  people  are 
still  dubious  about  the  Con- 
cord/Aprisma  acquisition,”  says 
Jean-Pierre  Garbani,  a  vice  presi¬ 
dent  with  Forrester  Research.  “I 
see  good  things  coming  from  CA, 
but  the  company  still  has  to  get 
back  at  the  forefront.  IBM  Tivoli 
has  captured  a  lot  of  mind  share 
lately,  and  it  is  tough  to  beat  that.” 

Amid  accounting  scandals, 
management  changes  and  acqui¬ 
sitions,  CA  has  been  notably  quiet 
on  the  product  front  for  the  past 
18  months,  as  new  company  lead¬ 
ers  re-jiggered  internal  operations. 

At  the  show  the  company  will 
be  sharing  its  product  develop¬ 
ments  and  company  strategy  CA 
expects  about  5,000  attendees, 
half  that  of  last  year’s  show.  In¬ 
dustry  watchers  say  the  company 
must  start  disclosing  its  plans  to 
clients  to  remain  competitive. 

For  instance,  vendors  such  as 
BMC  Software,  HP  and  IBM  have 
been  touting  CMDB  products  for 
the  past  year  as  a  means  to  better 
access,  correlate  and  make  intelli¬ 
gent  use  of  configuration  data  col¬ 
lected  from  applications  and  sys¬ 
tems  by  disparate  management 
products.The  technology  also  can 
show  network  managers  the 
servers  that  applications  depend 
upon,  which  can  potentially 
speed  fixes  during  an  IT  failure. 

“CMDB  is  the  hot  subject  du 
jour,  and  it  is  high  time  for  CA  to 


announce  their  strategy  . . .  Many 
clients  see  application-to-infra- 
structure  mapping  as  a  funda¬ 
mental  technology  that  will  ease 
the  pain  of  systems  management,” 
Garbani  says. 

The  expected  upgrades  reflect 
CAs  awareness  of  a  shift  in  IT  buy¬ 
ing  practices  from  purchasing 
tools  to  implementing  integrated 
product  suites,  industry  watchers 
say  For  instance,  CA  is  incorporat¬ 
ing  its  CMDB  technology  across 
relevant  products  —  rather  than 
selling  it  as  a  stand-alone  applica¬ 
tion  —  which  could  help  cus¬ 
tomers  better  collect,  share  and 
manage  data  from  multiple  CA 
and  third-party  sources,  says  Rich 
Ptak,  principal  analyst  with  Ptak, 
Noel  &  Associates. 

“CA  realizes  it  needs  to  frame  its 
products  and  message  to  cus¬ 
tomers  in  terms  of  IT  services,”  he 
says.  “It’s  not  about  how  many 
tools  they  have  to  solve  disparate 
IT  problems.  Now  vendors  like  CA 
need  to  make  the  case  for  how 
their  technology  will  solve  busi¬ 
ness  problems.” 

CEO  John  Swainson,who  joined 
CA  earlier  this  year,  has  said  the 
company  would  focus  its  devel¬ 
opment  efforts  on  areas  such  as 
management  and  security  that 
were  targeted  as  markets  with 
high  growth  potential.  Last  month, 
CA  reported  that  its  Unicenter  line 
continues  to  be  its  strongest,  con¬ 
tributing  $303  million  to  the  com¬ 
pany’s  second-quarter  fiscal  year 
2006  billings. 


CA  already  has  a  strong  foothold 
in  identity  and  access  manage¬ 
ment  —  in  August  IDC  named  the 
company  as  the  market  leader, 
with  20%  share  of  the  $450  million 
market.  Industry  watchers  specu¬ 
lated  at  the  time  of  the  Netegrity 
acquisition  that  the  purchase 
could  increase  CAs  market  share. 
IDC  predicts  the  market  for  identi¬ 
ty  and  access  management  prod¬ 
ucts  will  grow  to  nearly  $4  billion 
by  2009. 

“CA  knows  that  their  customers, 
IT  organizations,  need  to  provide 
services  such  as  identity  and 
access  management  to  help  their 
internal  customers  make  the  max¬ 
imum  use  of  IT  applications  and 
services,”  Ptak  says. 

It  remains  unclear  if  customers 


are  keeping  the  faith  in  CA. 

CA  posted  income  of  $41  mil¬ 
lion  for  the  second  quarter  of  fis¬ 
cal  year  2006,  up  from  a  $98  mil¬ 
lion  loss  in  last  year’s  second  quar¬ 
ter.  But  new  business  bookings  fell 
11%  during  the  quarter,  to  $665 
million.  CA  called  the  drop-off  an 
anticipated  effect  of  its  decision 
to  decrease  early  customer  ser¬ 
vice  contract  renewals.  The  com¬ 
pany  has  reworked  its  sales  staff 
compensation  this  year  to  reward 
new  business  sales  more  than 
renewals.  , 

Longtime  customer  Ben  Ettlin- 
ger,  lead  data  administrator  with 
the  New  York  Power  Authority  in 
White  Plains  and  president  of  the 
New  York  Enterprise  Modeling 
User  Group,  worried  initially  when 
he  heard  CA  was  lopping  off 
development  for  certain  products. 

“I  was  very  concerned  when  I 
heard  the  company  would  be 
focusing  on  Unicenter  and  eTrust, 
basically  management  and  secu¬ 
ritygoing  forward,’ ’he  says.“But  my 
reps  have  since  assured  me  that 
there  is  a  strong  commitment  to 
the  data  modeling  tool.” 

Ettlinger  has  been  using  CAs 
AllFusion  ERwin  Data  Modeler 
software  for  10  years  to  help  him 
more  efficiently  store  data, 
enforce  business  rules  and 
reduce  redundancy  of  data  mod¬ 
els.  He  says  CA  is  preparing  the 
first  major  revision  of  the  software 
he’s  seen  in  years. 

“I’m  confident  they  are  back  on 
stable  ground, and  I  still  work  with 
the  same  people  in  product  devel¬ 
opment,  which  really  makes  me 
feel  better)’  he  says. 

On  the  other  hand,  Kim  Jahnz, 
lead  WAN  data  network  engineer 
at  Aurora  Health  Care  in  Mil¬ 
waukee,  views  CA  with  “guarded 


optimism”  since  becoming  a  cus¬ 
tomer  by  default  earlier  this  year 
when  CA  acquired  Concord 
Communications.  She  also  still 
works  with  the  same  product 
teams,  which  “made  us  feel  better’’ 
she  says.  But  Jahnz  is  hoping  CA 
will  continue  to  focus  on  the  core 
network  management  and  perfor¬ 
mance  reporting  competencies 
for  which  she  originally  pur¬ 
chased  the  Aprisma  and  Concord 
products. 

“Our  products  haven’t  been 
impacted  yet,  and  it  seems  right 
now  they  are  saying  the  right 
things  about  development  going 
forward,”  she  says. 

Jahnz  has  already  done  the 
work  to  integrate  Aprisma  and 
Concord  software  in  her  IT  shop. 
She  says  she  recently  learned  that 
CA  may  be  discontinuing  certain 
products  with  plans  to  replace  the 
functionality  and  product  capa¬ 
bilities  with  a  larger  integrated 
management  suite  that  incorpo¬ 
rates  CAs  Unicenter,  Aprisma’s 
Spectrum  and  Concord’s  eHealth 
in  the  next  year  or  so. 

“CA  reassured  me  that  it  did  not 
buy  the  Concord  and  Aprisma 
technology  to  gut  it  and  move 
on,  but  I  have  to  basically  wait 
and  see,”  she  says.“I  am  most  curi¬ 
ous  about  the  licensing  that  may 
change  when  they  do  get  the 
integration  done.  I  already  had 
maintenance  and  support  con¬ 
tracts  for  the  two  products;  now 
will  I  need  three?  It’s  not  clear.” 

Stacy  Cowley  of  the  IDG  News 
Service  contributed  to  this  story. 
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Niagara 

continued  from  page  10 

Rising  power  demands  have  pushed  the  industry 
to  move  from  cranking  up  clock  speed  to  improving 
system  performance.  Chipmakers  are  putting  multi¬ 
ple  cores  on  a  single  piece  of  silicon  to  enable  more 
work  to  be  done  by  less-power-hungry  processors. 

IBM  has  long  had  a  dual-core  Power  processor  and 
introduced  a  quad-core  Fbwer5+  last  month.  HP 
rolled  out  its  dual-core  PA-RISC  chip  last  year.  Intel 
and  AMD  both  introduced  dual-core  x86  chips  in  the 
last  few  months. 

Sun  made  its  first  move  into  the  multicore  arena 
last  year,  when  it  introduced  systems  based  on 
UltraSPARC  IY  a  dual-core,  dual-threaded  processor. 
With  UltraSPARC  Tl,  Sun  is  taking  a  giant  step  for¬ 
ward  in  enhancing  computing  throughput,  analysts 
say  The  architecture,  which  is  a  departure  from  pre¬ 
vious  SPARC  designs,  is  aimed  at  high-transaction 
Web  workloads  where  multiple  tasks  need  to  be  han¬ 
dled  concurrently 

With  typical  processors,  when  there  is  a  cache  miss 
or  stall,  the  pipeline  has  to  wait,  but  with  the  multi¬ 
threaded  design  the  processor  can  perform  more 
efficiently,  says  Jeff  O’Neal,  director  of  engineering  in 


Sun’s  scalable  systems  group. 

“Each  core  is  managing  four  threads.  So  if  one 
thread  stalls  and  has  to  go  to  memory,  then  you 
have  three  of  the  threads  continuing  to  share  the 
pipeline,”  he  says.“The  idea  is  to  keep  the  pipeline 
in  that  core  busy  all  the  time.  It’s  a  fundamental  shift 
in  thinking.” 

With  UltraSPARC  Tl  ,the  processor  pipeline  is  active 
about  85%  of  the  time,  compared  to  15%  to  20%  for 
an  average  chip,  O’Neal  says.  In  addition,  Sun  claims 
that  end  users  beta  testing  the  systems  have  been 
able  to  reduce  their  hardware  requirements  by  60%, 
while  doubling  performance. 

W  L.  Gore  &  Associates,  best  known  for  its  Gore-tex 
fabric,  runs  UltraSPARC  IV-based  systems  today,  but  is 
keeping  a  close  eye  on  Niagara.  Richard  Sun,  net¬ 
work  systems  engineer  at  W  L.  Gore  in  Newark,  Del., 
says  he  is  definitely  interested  in  the  technology,  but 
will  be  watching  how  software  vendors  take  advan¬ 
tage  of  the  new  architecture. 

‘Assuming  software  vendors  keep  up  and  can  truly 
utilize  this  architecture,  it’ll  definitely  be  a  good  step 
in  resource  consolidation  and  centralization,”  he 
says.’The  problem  we’ve  found  in  going  to  dual-core 
boxes  is  that  some  software  doesn’t  appear  to  utilize 
this  well.”  ■ 
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Wireless 
products 
gravitate 
to  mesh 

BY  JOHN  COX 

Cisco  and  a  group  of  other  ven¬ 
dors  are  releasing  mesh  network 
products  based  on  the  802.11 
wireless  LAN  standard. 

The  products  are  aimed  mainly 
at  creating  outdoor  wireless  net¬ 
works,  such  as  for  municipalities, 
or  as  extensions  to  enterprise 
WLANs.  In  a  mesh,  wireless  de¬ 
vices  connect  to  a  nearby  node, 
which  passes  the  packets  to  one 
or  more  companion  nodes. 

Cisco  is  expected  to  announce 
this  week  its  two-radio  Aironet 
1500  Outdoor  Mesh  Access  Fbint. 
Users  will  connect  via  802. 1  lg/b 
to  the  1500,  which  will  then  use  a 
separate  802.11a  radio  to  con¬ 
nect  with  neighboring  nodes.The 
product  is  based  on  work  done 
by  Airespace,  a  company  Cisco 
acquired  earlier  this  year. 

But  Cisco  is  late  to  the  market. 
Nortel  introduced  mesh  products 
in  2004,  the  same  year  Motorola 
acquired  an  early  mesh  vendor. 
BelAir,  Strix  and  Tropos  began 
selling  products  even  earlier. 

The  1500  is  priced  at  $4,000. 
Cisco’s  Alan  Cohen  says  rivals 
have  single-radio  nodes  that  are 
less  expensive.  But  Cisco’s  two- 
radio  product  pricing  is  compa¬ 
rable  to  similar  products,  he  says. 

Last  week,  D-Link  announced 
plans  to  deliver  early  in  2006  its 
own  brand  of  outdoor  WLAN 
mesh  products,  initially  with  one 
radio  that  can  support  802.1  lg 
and  802.11a  traffic  via  a  dual¬ 
mode  radio  chipset  from  Atheros. 
The  target  price  is  $4,000. 

Tropos  this  week  is  unveiling 
software  and  hardware  for  man¬ 
aging  and  optimizing  its  radios. 
Tropos  Insight  is  a  server-based 
application  that  pulls  data  from 
Tropos  MetroMesh  nodes,  ana¬ 
lyzes  it  and  displays  the  results  in 
about  40  graphical  reports.  The 
reports  show  active  and  inactive 
links,  two-way  throughput  over 
each  link  and  packet  loss.  It  also 
calculates  the  likelihood  of  a 
packet  successfully  traveling  a 
link  the  first  time. 

A  second  new  tool  is  Tropos 
Drive,  an  appliance  used  to  test  a 
Tropos  network  from  the  view¬ 
point  of  end  users.* 


Lotus 

continued  from  page  1 

Those  numbers  are  9  and  10,  as 
in  planned  versions  of  Notes/- 
Domino  that  will  be  released  after 
Version  8,  which  IBM/Lotus  began 
to  detail  in  the  fall  with  its  new 
Hannover  client. 

Rhodin  plans  the  first  public 
demonstration  of  Hannover  and 
the  introduction  of  Domino  8, 
Hannover’s  back-end  companion, 
at  Lotusphere. 

“Hopefully  the  attendees  walk 
away  saying  ‘we  got  it,’  ”  he  says. 

“Got  it”  in  terms  of  Notes/- 
Domino  as  the  focal  point  for  col¬ 
laboration  and  the  Java-based 
Workplace  environment  as  a 
complementary  technology  that 
helps  deliver  dynamically  provi¬ 
sioned,  server  managed  corporate 
desktops  tailored  to  a  worker’s 
role  in  a  company. 

Clearing  the  air 

Users  didn’t  “get  it”  three  years 
ago,  and  experts  say  neither  did 
IBM,  when  then-General  Manager 
A1  Zollar  introduced  the  Work¬ 
place  strategy  a  set  of  collabora¬ 
tion  components  running  on 
WebSphere.  It  was  a  bomb  that 
users  believed  had  just  blown 
Notes  off  the  road  map.  Those 
same  users  were  a  bit  less  skepti¬ 
cal  last  year,  when  then-General 
Manager  Ambuj  Goyal  said  there 
would  be  no  forced  migrations. 

Now  Rhodin  is  tasked  with 
shoring  up  the  message  that 
Notes/Domino  is  the  core  collab¬ 
oration  tool  delivered  within  the 
Workplace  framework,  whose 
server-based  architecture  promis¬ 
es  to  reduce  the  cost  of  desktop 
maintenance  and  ease  software 
upgrades. 

“A  lot  of  this  is  clarifying  the 
message,”  says  Rhodin,  who  has 
shunned  the  corner  office  at 
Lotus’  Cambridge  headquarters 
so  he  can  stay  in  his  office  in 
Westford,  Mass.,  close  to  the  800 
software  developers  who  work 
there. 

If  his  message  takes  root,  the 
next  steps  won’t  be  any  easier, 
according  to  experts. 

“There  are  two  major  challenges 
that  are  fundamental,”  says  Peter 
O’Kelly  an  analyst  with  Burton 
Group.“Execution  on  Hannover.  If 
they  blow  it,  a  lot  of  users  will  say 
that’s  it.  The  second  thing  they 
have  to  do  is  move  potential  users 
from  ‘we  got  it’  to  ‘we  need  it.’  ” 

That  is  a  place  Lotus  has  not 
been  in  for  a  few  years. 


The  Lotus  difference 

At  its  January  user  meeting,  Lotusphere,  IBM/Lotus  will  show  off  its  new  genera!  manager 
and  his  plans  to  re-energize  the  Notes/Domino  platform. 

Challenges  Strategies 

Remove  any  doubt  from  users’  minds  as  to  the  future  of  Notes/Domino  j  Lotus  may  unveil  plans  for  future  versions  of  Notes/Domino  beyond 
in  regard  to  the  new  Java-based  Workplace  environment.  I  Version  8,  which  could  ship  as  early  as  the  end  of  2006, 

Convince  potential  customers  they  need  Workplace,  including  :  Lotusphere  agenda  has  been  loaded  up  with  technical  sessions  to 
the  Hannover  client  for  Notes  8,  and  that  it  is  stable,  feature-  j  give  users  a  look  under  the  hood, 
complete  and  ready  for  prime  time. 

Re-establish  IBM/Lotus'  lead  in  the  real-time  :  New  version  of  IBM/Lotus  instant  messaging  and  Conferencing 

communication/collaboration  market.  Server  (i.e.  Sametime)  expected  to  ship  before  the  end  of  January, 


“What  they  need  is  more  mo¬ 
mentum  in  the  partner  and  IT 
community.  1  am  starting  to  see 
that  come  back,”  says  David  Via, 
vice  president  of  Wolcott  Systems 
Group,  a  Lotus  partner.  Via  recent¬ 
ly  participated  in  a  road  show  for 
Notes  7,  which  was  released  in 
September.  “People  said  to  me 
they  haven’t  done  anything  with 
Notes  for  five  years  but  that  they 
are  now  coming  back.”  He  says 
the  trick  is  to  again  grow  the  user 
base,  which  stands  at  120  million, 
just  slightly  more  than  a  1%  in¬ 
crease  over  last  year. 

As  evidence  of  user  appeal, 
Lotus  has  posted  double-digit  rev¬ 
enue  gains  over  the  past  three 
quarters,  with  most  of  the  revenue 
coming  from  new  licenses,  con¬ 
verting  Microsoft  Exchange  cus¬ 
tomers  and  Notes/Domino  on 
Linux,  Rhodin  says. 

That  revenue,  however,  is  not 
being  pumped  up  by  Workplace, 
where  early  adopters  are  showing 
interest  but  not  the  stellar  results 
that  Rhodin  needs  to  merge 
Notes/Domino  and  Workplace. 

“At  this  moment,  I  have  to  be 
honest,  we  are  not  satisfied  with 
Workplace  being  ready  as  a  full 
enterprise  solution  doing  what  we 
need  it  to  do,  but  I  am  confident 
looking  at  the  road  map  that  we 
will  be  able  to  merge  [from  Notes 
to  Workplace]  and  that  it  will  all 
work  for  us,”  says  John  Rood,  vice 
president  of  IT  for  San  Francisco 
State  University 

The  school,  which  uses  Notes  7, 
was  put  forth  by  IBM  last  year  as 
a  high-profile  Workplace  convert. 
The  school  plans  to  migrate  to 
Workplace  in  the  spring  but  will 
continue  to  run  Notes  in  parallel 
until  it  feels  comfortable  with  a 
change  for  its  50,000  users.  Rood 
says  features  such  as  Domino 
Web  Access  in  Notes/Domino  7 
show  that  Notes  is  still  innovative 
and  vibrant. 

Other  users,  such  as  Dale  Sin- 


stead,  director  of  IS  for  Pioneer 
Petroleum  in  Ontario,  Canada,  say 
the  rough  spots  in  Workplace  are 
being  worked  out  and  his  enthusi¬ 
asm  is  climbing. 

“Notes  and  Domino  is  not  going 
away  which  is  good  because  we 
have  a  huge  investment  in  that,” 
says  Sinstead,  who  also  has  de¬ 
ployed  to  150  users  the  Workplace 
Managed  Client,  a  server-managed 
collaboration  environment  that 
works  online  and  offline. 

While  the  managed  client  has 
yet  to  match  the  rich  feature  set 
of  Notes,  it  lets  him  extend  col¬ 
laboration  tools  to  retailers, 
who  don’t  have  IT  departments, 
desktop  support  or  broadband 
connections. 

The  managed  client  is  one  of 
the  top  entries  on  Rhodin’s  to-do 
list  for  2006,  which  includes  evolv¬ 
ing  Workplace  Services  Express,  a 
server-based  bundle  of  basic  col¬ 
laboration  tools. 

He  also  plans  to  incorporate 
electronic  forms-based  business 
process-management  software, 
which  was  part  of  IBM’s  acquisi¬ 
tion  of  PureEdge,  and  he  plans  to 
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push  Notes/Domino  in  develop¬ 
ing  markets,  such  as  Russia,  China 
and  India. 

Other  efforts,  he  says,  include 
fighting  off  Microsoft,  which  is  ral¬ 
lying  its  collaboration  strategy 
around  Office,  ShareFbint,  Live 
Communications  Server  and  Ex¬ 
change.  Microsoft  CEO  Steve  Ball¬ 
mer  added  fuel  in  July  when  he 
said  Lotus’  customer  base  was  just 
waiting  for  Microsoft  to  move 
them  off  Notes. 

“When  their  CEO  declares  the 
death  of  my  product,  that  is  throw¬ 
ing  down  the  gauntlet,”  Rhodin 
says.  Part  of  the  attack  includes  a 
long-awaited  update  to  the  IBM/- 
Lotus  Messaging  and  Conferen¬ 
cing  Server,  a  real-time  communi¬ 
cations  platform  whose  evolution 
has  been  stalled  as  Microsoft  has 
extended  into  technologies  such 
as  VoIP 

Rhodin  doesn’t  plan  to  flinch, 
but  says  he  won’t  focus  on  Micro¬ 
soft  at  the  expense  of  new  devel¬ 
opments  such  as  RSS,  blogs  and 
wikis  that  will  bring  emerging  col¬ 
laboration  technologies  to  his 
own  platform.  ■ 
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^  /  attended  the  INTERNET  TELEPHONY  Conference  &  EXPO  in  Miami  to  improve  my  knowledge  of  enterprise  .  WEf 
IP  PBX  solutions  and  to  find  new  applications  that  could  meet  our  business  requirements.  I  believe  that  it 
was  the  most  informative  conference  that  I  have  attended  on  IP  telephony  to  date.  The  sessions 
thorough,  understandable,  and  unbiased.  There  were  opportunities  to  meet  both  with  vendors  and  with  other g  , 
enterprises  planning  a  switch  to  IP  telephony.  All  in  all,  it  was  a  very  valuable  conference  for  me,  y 

-  Pierre  Simard,  Ottawa,  Ontario  Qriadg  F 
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BACKSPIN  Mark  Gibbs 

More  on  Sony’s  rootkit 


"Most  people ,  7  think,  don 't 
even  know  what  a  rootkit 
is,  so  why  should  they  care 
about  it?” 

—  Thomas  Hesse,  presi¬ 
dent  of  Sony  BMG’s  global  digital  business  division,  inter¬ 
viewed  on  National  Public  Radio’s  “Morning  Edition”  on 
Nov.  4  (www.networkworld.com,  DocFmden  9748). 
In  1951  and  1952  the  U.S.Army  filled  balloons  with  the 
bacterium  Serratia  marcescens  and  burst  them  over  San 
Francisco. This  experiment,  called  Operation  Sea-Spray 
was  to  study  how  biological  weapons  might  be  deployed. 
Within  the  next  few  weeks  doctors  in  the  area  noticed  a 
drastic  increase  in  pneumonia  and  urinary  tract  infec¬ 
tions.  Worse  still,  people  died  (see  DocFinder:9745). 

These  weren’t  the  only  biological  weapons  experiments 
that  were  done.  From  1949  to  1969  (when  President 
Richard  Nixon  put  a  stop  to  the  U.S.  biological  weapons 
program)  some  239  “open-air”  tests  of  biological  agents  or 
simulations  using  chemicals  were  performed.  And  all  of 
these  tests  and  their  consequences  were  kept  secret  until 
they  were  leaked  to  the  press  in  the  mid-1970s. 

I  relate  this  tale  because  the  government’s  thinking  was 
completely  in  line  with  Hesse’s  stated  position. 

The  arrogance  of  Hesse  reveals  a  lot  about  his  and  his 
company’s  attitude  toward  consumers.  Perhaps  most  trou¬ 
bling  is  that  he  presumes  that  the  ignorance  of  others  is  a 


reasonable  basis  for  doing  something  to  their  property 
Even  worse  is  the  fact  that  something  could  have 
unknown  side  effects  and  consequences. 

The  truth  about  the  Sony  BMG  rootkit  called  XCP 
Content  Management,  which  was  provided  by  First  4 
Internet,  has  slowly  emerged,  even  while  Sony  and  First  4 
Internet  continue  to  claim  that  XCP  neither  invades  user 
privacy  nor  is  a  source  of  risk  or  system  instability 

Sony  and  First  4  Internet  attempted  to  rebut  some  of 
Mark  Russinovich’s  findings,  but  Russinovich  sliced  and 
diced  their  comments  (see  DocFinder:  9746)  and  the  par¬ 
ticulars  haven’t  changed.  Computer  Associates  has  classi¬ 
fied  the  Sony  digital  rights  management  (DRM)  system  as 
a  Trojan  and  spyware  because  it  reports  back  to  the  Sony 
BMG  mothership!  (See  DocFinder:  9747,  and  check  out 
Gibbsblog,  where  I  have  an  interview  with  CAs  vice  presi¬ 
dent  of  eTrust  Security  Management.) 

It  seems  you  are  as  appalled  as  I  am.  Reader  Mark  Bruch 
wrote  “some  teenager  that  gets  a  virus  on  his  home  com¬ 
puter  plays  with  it,  and  the  new  strain  gets  in  the  wild.  He 
didn’t  invent  the  virus,  but  our  government,  in  order  to 
show  they  are  protecting  us,  breaks  in  armed  and  seizes 
everything  in  the  family  house  and  throws  the  book  at  the 
underage  kid  in  court.” 

Bruch  pointed  out  that  if  there  is  any  justice,  the  Sony 
executives  who  authorized  the  use  of  this  DRM  system 
will  wind  up  behind  bars.  I  think  everyone  who  was  in  the 


chain  of  command  that  led  to  the  use  of  the  DRM  system 
(technicians  and  all)  should  be  prosecuted. 

The  class-action  lawsuit  that  I  was  hoping  for  has  start¬ 
ed:  On  Nov.  1  a  group  of  California  consumers  filed  suit, 
claiming  that  Sony  BMG  violated  two  California 
statutes.The  first  protects  consumers  from  unfair  and 
deceptive  business  practices,  and  the  second  prohibits  the 
installation  of  spyware. The  suit  also  alleges  that  Sony  has 
violated  the  California  Unfair  Competition  law. 

Another  suit  was  to  be  filed  last  week  in  New  York,  and 
Italian  authorities  were  asked  to  investigate  Sony’s  actions. 

Sony  BMG’s  insane  use  of  DRM  is  just  the  leading  edge 
of  a  potential  wave  of  corporate  technological  tyranny 
intended  to  protect  profits  and  control  markets. You  can 
bet  there  are  feverish  meetings  going  on  at  the  Recording 
Industry  Association  of  America  and  the  Motion  Picture 
Association  of  America  to  organize  political  pressure  to 
minimize  any  judgment  on  Sony  BMG’s  actions. 

If  Sony  BMG  isn’t  held  accountable,  worse  assaults  on 
consumers  by  not  only  Hollywood  but  any  content  or 
software  publisher  who  pleases  will  quickly  follow. 

Your  outrage  to  backspin@gibbs.com  and  see  Gibbsblog 
( www.networkworld.com/weblogs/gibbsblog/ )  for  the 
CA  interview.  Don't  forget  to  vote  in  our  poll  on  what 
should  be  done  about  Sony  and  its  rootkit  (www.  network 
world.com/community/?q=node/3502). 


News,  insights,  opinions  and  oddities 


Paul  McNamara 


Dial  H  for  human 

“Just ...  let ...  me  .. .  talk  ...  to  ...  a  .. .  human  . . . 
being.” 

We've  all  spit  those  words  through  clenched  teeth 
after  a  round  of  combat  with  some  corporate  behe¬ 
moth's  automated  call  center. 

Paul  English  has  done  more  than  just  spit;  he's  mustered  up  a  way  to  help  the 
rest  of  us  break  on  through  to  the  other  side  of  those  seemingly  impenetrable 
communications  barriers.  Co-founder  and  CTO  of  travel-search  site  Kayak.com, 
English  has  posted  on  his  personal  Web  site  a  cheat  sheet  for  busting  through 
interactive  voice  response  (IVR)  systems.  A  database  that  started  with  the  keys 
to  10  company  IVRs  in  March  is  now  up  to  108  entries  and  growing,  as  English 
allows  for  reader  submissions. 

Among  the  tips  offered  at  http://paulenglish.com/ivr/: 

•  Want  a  Sprint/Nextel  human?  Press  “0”  fives  times. 

•  Capital  One  Visa?  That’ll  also  take  five  zeroes,  plus  the  fortitude  to  ignore  verbal 
prompts  alleging  that  your  entries  are  invalid.  Be  strong. 

•  Delta  Airlines?  Say  “agent"  at  the  prompt _ Say  it  again  at  the  next  prompt . . . 

And  the  next. . . .  One  more  time.  Don’t  forget  to  breathe  in  between. 

The  list  includes  a  galling  litany  of  variations  on  the  theme,  and  it’s  been  getting  a 
ton  of  traffic,  English  says,  especially  after  a  front-page  article  recently  in  The 
Boston  Globe.  It  even  notes  those  companies  that  do  well  by  their  customers  in 
terms  of  providing  human  contact,  including  a  number  that  offer  the  option  of  dialing 
"0”  —  only  once  —  to  hear  a  real  voice. 

English  isn't  opposed  to  automation,  per  se. 

“IVRs  are  great,  and  we  should  have  them  everywhere,  but  please  let  me  get  to  a 
human  if  I  really  need  to  do  it,”  English  says. 

When  we  spoke  I  posed  to  him  the  obvious  devil's  advocate  question:  If  companies 
can  make  more  money  providing  crappy/cheaper  automated  phone  service  than  they 
can  doing  it  well  with  humans,  who’s  to  say  they’re  wrong  to  give  us  less  than  their 
best?  The  people  who  run  these  companies  aren’t  stupid;  they're  simply  motivated 


more  by  the  bottom  line  than  a  desire  to  spare  us  irritation. 

“You  say  the  people  who  run  these  companies  aren’t  stupid? That's  not  always  the 
case,"  English  says.  "I  don't  mean  to  be  flip,  but  what  I  would  look  at  is  which  com¬ 
panies  have  incredibly  strong  brands  and  loyalty  —  where  the  customers  come  back, 
they  spend  more,  and  customer  acquisition  is  low  because  people  bring  their 
friends.  It’s  companies  like  Southwest  Airlines  and  Nordstrom:  You  call  them,  and 
they  answer.” 

English  speaks  now  as  the  aggrieved  consumer,  but  his  qualms  about  IVRs  also 
come  through  business  experience.  A  former  vice  president  of  technology  at  intuit, 
he  oversaw  a  2,000-person  call  center  in  Tucson,  Ariz. 

“I  automated  part  of  the  software,  so  when  you  bought  QuickBooks  a  lot  of  it 
would  be  done  automatically  that  previously  had  been  done  over  the  phone," 

English  says.  “When  [Intuit  founder]  Scott  Cook,  my  boss,  found  out  what  I  had 
done,  he  was  pissed.  He  said,  ‘Paul,  are  you  kidding?  People  buy  QuickBooks 
because  it's  very  stressful  to  try  to  set  up  a  new  business.  If  we  have  an  opportuni¬ 
ty  to  talk  to  them  and  make  them  feel  comfortable  and  ease  them  through  it,  they’ll 
be  more  successful,  we'll  form  a  better  relationship  with  them  and  maybe  we  can 
sell  them  other  stuff.’  Scott  had  me  totally  rip  it  out. ...  I  remember  going  through 
that  experience:  I  didn’t  completely  get  it." 

Unless  you're  a  corporate  bean  counter,  it’s  tough  to  argue  with  English,  especially 
when  he  gets  on  a  roll. 

“The  thing  that  I  hate  is  that  a  lot  of  IVRs  are  designed  poorly  . . .  and,  increasingly 
I'm  making  calls  from  my  car  phone,"  he  says.  “Please  don’t  ask  me  to  be  punching 
buttons  and  menus  for  four  minutes  while  I’m  driving  my  car  down  the  street.  Just 
let  me  hit  ‘0’  and  get  to  a  human." 

Of  course,  there  is  another  option  in  that  particular  circumstance:  Pull  over  before 
you  make  the  call. 

But,  hey,  let's  not  quibble. The  guy’s  fighting  the  good  fight  here. 

Suppose  there's  no  getting  around  giving  out  the  phone  number  after  writing  this  kind 
of  column:  (508)  490-6471.  The  address  is  buzz@nww.com. 
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